New Zafi-D Worm Spreads Christmas Fear

The latest variant in the Zafi worm family has hit the Wild, disguising

itself as a Christmas greeting.

Zafi-D, which was discovered Monday, Dec. 13, has received a medium

threat risk assessment from Panda Software, an anti-virus company with

U.S. headquarters in Glendale, Calif.

”Despite its disguise, Zafi-D isn’t much of a Christmas present,” warns

Graham Cluley, senior technology consultant for Sophos, Inc., an

anti-virus and anti-spam company based in Lynnfield, Mass. ”Users who

open the attached file will trigger the virus into action, infecting

their PC and potentially opening it up to hacker attack.

”Heartless hackers and virus writers can attack at any time of year, and

every computer user should be on the lookout for unusual emails and be

wary of ever opening any unsolicited file they are sent via email,” adds

Cluley.

Sophos reports that Zafi-D, which is believed to have been written in

Hungary, spreads an attached file inside emails offering seasonal

greetings to the recipient. The emails can use a variety of different

languages, including English, French, Spanish and Hungarian.

The email messages include: ”FW: Merry Christmas”, ”Happy HollyDays!”

and ”Feliz Navidad!”. Embedded inside the email is a crude animated GIF

graphic of two smiley faces. The ‘From’ field of the email is spoofed.

Analysts from MessageLabs, Inc., a managed email security company based

in New York, reports that Zafi-D is a mass mailing virus that uses its

own SMTP engine to spread and harvests email addresses from compromised

machines. The virus also attempts to replicate via P2P applications.

The recipient must manually open the attachment in order for it to be

executed, upon which it will attempt to disable any running firewall and

antivirus software, according to MessageLabs. Windows tools, like Task

Manager and the Registry Editor, also may be disabled.

Zafi.D has a remote access component that waits for inbound connections

on TCP port 8181. Remote users can then upload and execute files via this

backdoor.

Sophos’ Cluley advises IT managers to warn users to be suspicious about

email greetings.

”Having a business environment where it’s seen to be acceptable to send

and receive joke programs, screensavers, and electronic greetings cards

increases the risk of virus infection at any time, but can prove

particularly risky during the holiday season,” Cluley says. ”When your

computer data is at risk, it may be wiser to avoid electronic

well-wishing, and use paper and ink instead.”

RELATED NEWS AND ANALYSIS

• Huawei’s AI Update: Things Are Moving Faster Than We Think

  FEATURE |  By Rob Enderle,
  December 04, 2020

• Keeping Machine Learning Algorithms Honest in the ‘Ethics-First’ Era

  ARTIFICIAL INTELLIGENCE |  By Guest Author,
  November 18, 2020

• Key Trends in Chatbots and RPA

  FEATURE |  By Guest Author,
  November 10, 2020

• Top 10 AIOps Companies

  FEATURE |  By Samuel Greengard,
  November 05, 2020

• What is Text Analysis?

  ARTIFICIAL INTELLIGENCE |  By Guest Author,
  November 02, 2020

• How Intel’s Work With Autonomous Cars Could Redefine General Purpose AI

  ARTIFICIAL INTELLIGENCE |  By Rob Enderle,
  October 29, 2020

• Dell Technologies World: Weaving Together Human And Machine Interaction For AI And Robotics

  ARTIFICIAL INTELLIGENCE |  By Rob Enderle,
  October 23, 2020

• The Super Moderator, or How IBM Project Debater Could Save Social Media

  FEATURE |  By Rob Enderle,
  October 16, 2020

• Top 10 Chatbot Platforms

  FEATURE |  By Cynthia Harvey,
  October 07, 2020

• Finding a Career Path in AI

  ARTIFICIAL INTELLIGENCE |  By Guest Author,
  October 05, 2020

• CIOs Discuss the Promise of AI and Data Science

  FEATURE |  By Guest Author,
  September 25, 2020

• Microsoft Is Building An AI Product That Could Predict The Future

  FEATURE |  By Rob Enderle,
  September 25, 2020

• Top 10 Machine Learning Companies 2020

  FEATURE |  By Cynthia Harvey,
  September 22, 2020

• NVIDIA and ARM: Massively Changing The AI Landscape

  ARTIFICIAL INTELLIGENCE |  By Rob Enderle,
  September 18, 2020

• Continuous Intelligence: Expert Discussion [Video and Podcast]

  ARTIFICIAL INTELLIGENCE |  By James Maguire,
  September 14, 2020

• Artificial Intelligence: Governance and Ethics [Video]

  ARTIFICIAL INTELLIGENCE |  By James Maguire,
  September 13, 2020

• IBM Watson At The US Open: Showcasing The Power Of A Mature Enterprise-Class AI

  FEATURE |  By Rob Enderle,
  September 11, 2020

• Artificial Intelligence: Perception vs. Reality

  FEATURE |  By James Maguire,
  September 09, 2020

• Anticipating The Coming Wave Of AI Enhanced PCs

  FEATURE |  By Rob Enderle,
  September 05, 2020

• The Critical Nature Of IBM’s NLP (Natural Language Processing) Effort

  ARTIFICIAL INTELLIGENCE |  By Rob Enderle,
  August 14, 2020