Free Web Hosting Provider - Web Hosting - E-commerce - High Speed Internet - Free Web Page
Search the Web

Stronger Magistr.B invades Europe

Europe has been hit by a new, even more destructive variant of the Magistr virus, but so far America has baffled experts by remaining immune.

The Magistr.B virus arrives as an email, and is contained in an executable file entitled readme.exe. While it does not appear to have spread as widely as its predecessor, observers say it could cause more damage to those who have been infected. Magistr.A itself remains active, with UK security firm MessageLabs detecting 93,000 cases since 14 March, including 28,000 cases in the UK.

Security firms say that there is no reason why the U.S. should not see a Magistr.B infection, raising the possibility that an outbreak could still occur there. "I can't understand why [Magistr.B] is not going to the U.S.--we can never tell where such a virus is going to go, as the world has no boundaries with an email-borne worm," said Peter Cooper, UK support manager at antivirus firm Sophos.

Magistr.B spreads by email and generates random subject lines and body texts, and attaches itself as a random file with an .exe, .bat, .bif, .pif or.com extension. Unlike the typical mass-mailing virus, the new variant can pull addresses from the files of several email clients, including Outlook, Outlook Express, Eudora, Netscape Messenger and some Web-based email clients.

The trend in .exe email viruses is growing steadily, due to the ease with which modified versions of existing worms can be created. "With email viruses, you receive an email as well as an actual copy of the virus," said Cooper. "It is apparent that it is a virus by its .vbs or .doc extension. People who receive one may decide to tweak it for their own deviance, and call it their own."

This approach was used for the virulent Loveletter worm, which was written in plain text English--making it simple for anyone to make minor variations.

Virus experts suspect that the variant was not created by the same author as the original. Cooper speculated that Magistr.B may have originated from the U.S., but was sent to Europe as a diversion tactic.

Like the original worm, Magistr.B overwrites hard drives, erases CMOS and flashes the BIOS on the affected system, rendering the computer unusable. It adds the ability to infect Eudora address books and disable the ZoneAlarm personal firewall before connecting to the Internet.

By Wendy McAuliffe
ZDNet (UK)
Copyright © 2001, All Rights Reserved.
Created & Maintained by VQUEST.