May 10, 2002
                Information-technology Promotion Agency
Security Center (IPA/ISEC)
 
Computer Virus Incident Reports [summary]
 

W32/Klez's variants of stealing other's address are raging!!
Deceiving sender's name and accuse innocent bystander of falsely for infection!!!

This is a summary of Computer Virus Incident Reports of April 2002 compiled by IPA: Information-technology Promotion Agency. 2012 reports were submitted to IPA in April. (1460 reports in March.)It was high level of over 2000 reports for the first time in three months. However, the actual damage rate is low and it dropped from 10.5% of March to 6.7%.


W32/Klez's variants of stealing other's address appeared one after Another!!

 Some modified variants of W32/Klez(that appeared in October 2001) appeared in April. We received 1148 reports in this month. Although the number of reports increased, the actual damage rate of this virus was 5.7%, which is a low percentage term in the total ratio.

This virus's modified variants send virus mails which sender's names were obtained in the address from computers at random. By this way, they send virus mails not by actual infected person but by the others' address that were stolen from computers. That makes the innocent bystander is accused falsely for infection and refrain from contacting real Infected person to be informed of infection.

Also, they attach virus file with mail and expand the infection. At the same time, it attached the files of Word, Excel, and textfiles in the computer. Thus there is a risk of leaking out confidential information.



An Email from W32/Klez looks like above

Furthermore, they spread infection on network. Therefore, if you have an easy common setting of permission to access to all the C drive without password, the damage can be more serious. When you find the virus in the network-connected computer, you have to cut off the circuit at once to make the damage minimum.

Warning for this month: Detect suspicious mails by anti-virus software!!
====== The first step for preventing from infection ======

There are many kinds of virus that ill-uses of mail function. It is difficult to distinguish from virus mail by just seeing. Among them, for instance, W32/Klez virus makes subject, body and the name of attachment file at random.

Therefore, you should not judge suspicious mails and attachment files by seeing. You must detect by anti-virus software that updated the latest virus detection data files.
 
The information on anti-virus software (Japanese)

Reference) The example of mail's subject and body that W32/Klez virus makes at random.

    


Also, please recognize that emails' attachment files may include virus Be careful when you deal with emails with attachment files.

How to deal with emails’ attachment files: 5 hints

Computer Virus Incident Reports for April, 2002 (full report)

Inquiry: IPA Security Center (IPA/ISEC)
      (ISEC: Information technology SEcurity Center)
    TEL: +81-3-5978-7508    FAX: +81-3-5978-7518
    E-mail: isec-info@ipa.go.jp
    Emergency call: +81-3-5978-7509
    URL: http://www.ipa.go.jp/security/index-e.html