This is a summary of Computer Virus Incident Reports for July 2002 compiled by IPA: Information-technology Promotion Agency.

July's total number of reports decreased from 1965 reports (June) to 1781 reports (July). The actual damage rate increased from 6.4% (June) to 9.7%. Especially W32/Frethem Virus occupied 22.9 %.

200 reports in three days! Variant of W32/Frethem virus appeared!!

Variant of W32/Frethem virus appeared and more than 200 were reported in the first three days. Total number of reports in July was 315. This was the first virus that reported more than 300 in the month of first report, which is the first case in 2002.

The original specie that appeared in the early June did not work under Japanese environment. However, in July, variant with additional function could work under Japanese environment, then it spread widely.

Just after the variant appeared, for several hours, people could not detect by anti-virus software. In cases, they sent virus mail to member list which holding many members. These might cause the damage spread rapidly.

An email from W32/Frethem virus looks like above

Once W32/Frethem Virus infects computer, it assigns registered address in address book as sending address, then it sends email with virus. But it does not destroy data.

Although it is effective to prevent virus by anti-virus software, in cases of new virus or variant appears for the first time, we cannot always detect. We should not solely rely on anti-virus software. Please remind again the basic of virus prevention, ' do not open attachment file easily'.

• How to deal with attachment file of email 5 Hints

• Don't be confused by surface looking of attachment files.
• Even from acquaintance, doubt suspicious emails with attachment file.
• Before open attachment file, detect it by anti-virus software at least.

Furthermore, dissolving security hole is important. Especially if you use Internet Explorer and Outlook Express, security hole is reported one after another. Thus it is essential to update version and dissolve security hole as soon as possible.

• [Windows Update] Microsoft Corporation
  http://windowsupdate.microsoft.com/

Survey report of virus action for mobile terminal machine is open to public

Receiving virus email in mobile terminal machine is increasing , too. Currently, even mobile terminal machine receives virus that infects computer, it is not be infected. However, it can be a problem for leaking personal, private information. Therefore, we searched the current situation and had a survey for basic information for future prevention. It is summarized as a report so that please refer the following sites.

• The survey and report of Java virus risk in mobile terminal machine (Japanese)
• The survey and report of the risk of script virus in Windows CE 3.0 terminal(Japanese)
• Computer Virus Incident Reports for July, 2002 (full report)

IPA Security Center (IPA/ISEC)
(ISEC: Information technology SEcurity Center)
TEL: +81-3-5978-7508 FAX: +81-3-5978-7518
E-mail:
Emergency call: +81-3-5978-7509
URL: http://www.ipa.go.jp/security/index-e.html