ITrain Homepage

Site Directory
Membership
Train-the-Trainer
Trainer Certification
Certified Training Materials
ITinfo E-zine
Responsible Training
White Papers
Trainer Resources
What's New
Speaking Engagements
Onsite Training
ITrain Gear



Popular Links
Speaking Engagements
Training Manuals
Certification
Train the Trainer
The Training Book
Technical Writing
Privacy Policy

Print this document

Google
Web ITrain.org

Your Worst Assistant

Melissa virus sends porn messages for you

ITinfo Sponsor

ERROR: Random File Unopenable

ERROR: Random File Unopenable

The random file, as specified in the $random_file perl variable was unopenable.

The file was not found on your file system. This means that it has either not been created or the path you have specified in $trrandom_file is incorrect.

Melissa Virus Attacks Outlook, Exchange & Word Users

by Dave Murphy
ISSN 1535-3613

Dave Murphy, ITrain founder Outlook/Exchange customers, including Microsoft and Intel, have been hit by a macro virus that replicates pornography-related information throughout corporate email systems.

The virus, identified as "Melissa," is unusually effective. Having originated in Western Europe, and first discovered in a sex-related newsgroup, Melissa is causing problems for corporate email users since yesterday.

"The proliferation of this virus is something we've never seen before," said Srivats Sampath, a general manager at Network Associates. He said that 60,000 people at one company had been affected.

At Microsoft, all incoming and outgoing Internet mail is being inspected for signs of the virus.

At least one division of Intel Corp. also reported problems resulting from the macro virus. A public relations spokesperson acknowledged that some of the company's email servers had gone down as a result of the exceedingly high volume of mail transmissions caused by the virus' replication.

The Melissa virus spreads via email. However, a Word document is attached to infected messages, when the document is opened, Melissa launches a macro that replicates the message (and the attached Word document) to the first 50 names in the victim's Outlook address book.

The outgoing mail is given the subject line: "Important message from, ..." and the victim's named is inserted into the subject line. The message text consists "Here is that document you asked for... don't show anyone else;-)." And to top it all off, the infected documents contains porn website information.

McAfee added the virus to its virus database today. More information on the virus is can be found on McAfee's site.

The big concern for corporate email systems is for the effect on mail servers. Usually, such viruses attack individual machines, but this one apparently can overload mail services by sending out repeated messages.

People cannot get the virus by merely opening up a message, only by opening the attached document. REMEMBER, NEVER OPEN A DOCUMENT ATTACHMENT FROM SOMEONE YOU DON'T KNOW. And now in this case, you can't even trust all the documents you receive from people you do know!

My best suggestion is to use common sense, and always be careful of anything that you receive via email.

The virus also turns off Microsoft Office's macro protection, which could leave users more vulnerable to future viruses. After cleansing their machines of the virus, those affected might need to reactivate the macro protection.

If the date and time match (for example 3/26/99 at 3:26), the virus also has a humorous side, and quotes Bart Simpson's famous Scrabble quote "Twenty-two points plus triple word score, plus 50 points for using all my letters. Game's over. I'm out of here."

Antivirus software vendor TrendMicro says that the so-called W97M_Melissa virus can attack via both Word 97 and Word 2000 documents. If the virus attacks via Word 2000, says TrendMicro, "it will lower the security setting to the lowest level by modifying the registry and will disable the Word menu commands (MacroSecurity) which allows the user to reinstate security settings."

"A minimum of 20 major companies been infected. This is spreading faster than any virus we've seen before, because we've only seen a few email-activated viruses in the wild before this," noted Dan Schrader, director of product marketing.

Schrader says the best way for companies to stamp out Melissa is to run virus protection software at the server, not the desktop, level. TrendMicro says it already updated all of its products to detect this virus as of today. The company also is offering a free service on its website, allowing administrators and customers to scan their machines for any virus, including Melissa.

What do you think about Melissa? Have you ever been affected by a computer virus? Leave your comments on the Message Center.

Related Article

Papa Virus Is Worse Than Melissa

Message Center
DGL's Antivirus Information
McAfee
TrendMicro

Subscribe to ITinfo.
Receive computing and Internet news & tips
by subscribing to the ITinfo information service.
Type your Internet email address in the form, and click "Subscribe."
Email Address:

Previous issues are on our website at http://itrain.org/itinfo/.

International Association of Information Technology Trainers
PMB 616
6030-M Marshalee Dr
Elkridge, MD 21075-5987

410.567.5366
1.888.290.6200
fax 801.650.0423
Membership Director: member@itrain.org

Return to ITrain Homepage

Copyright © 2000 International Association of Information Technology Trainers, Ltd., All Rights Reserved

http://itrain.org/itinfo/1999/it990327.html
updated March 27, 1999