Friday, March 28, 2025

9/11 Worm Can’t Squirm

HomeSecurity
Michael Chait
By Michael Chait

Datamation content and product recommendations are editorially independent. We may make money when you click on links to our partners. Learn More.

Fears about a new Microsoft Windows e-mail worm themed around the
September 11 terrorist attacks were allayed this morning by a security firm’s report, which said
the worm had too many technical flaws to do much damage.

“This seems to be a poor attempt from a wannabe virus writer to exploit the
commemoration of September 11”, said Mikko Hypponen, manager of anti-virus
research at Finland-based F-Secure. “However, as the worm seems to crash regularly, it
won’t go far”.

The worm, which is called “Chet” and was discovered on September 10th, tries
to spread via an attachment file called 11september.exe. When this file is
executed, the worm will attempt to send an e-mail to each address found from
the Windows address book. The e-mail would always have “[email protected]” as
the sender and “All people!!” as the subject.

The e-mail tries to explain that the attached “11september.exe” file
contains proof of a conspiracy between US government and Al-Qaeda, while
repeatedly declaring that attachments are not viruses.

The e-mail states: “There is a friendly dialogue between Bin Laden and the
secretary of a state security of USA in the given photos. In the following
photo you’ll see, how FBI discusses how to strike over New York to lose
people as much as possible. And the document representing the super
confidential agreement between CIA and Al-Qaeda is submitted to your
attention.”

If a user executes the file, nothing visible happens while the worm tries to
send itself to every e-mail address listed in the computers address book.

If the infected computer has a modem, the worm tries to call a predefined
phone number. The number is believed to most likely be a local number in
some country, though neither the owner of the number or the purpose of the
call is known.

F-secure said that due to serious bugs contained in Chet, the worm will
fail to function on most systems and can not be considered to be a major
threat at this time. In fact since the worm crashes relatively early,
attempts to dial out are never actually activated.

The security firm noted that many things inside the worm’s code suggest that
the worm originates from Russia.

Previous article
HP Leaps Toward Next-Generation Memory
Next article
Disaster Recovery: A Preparation Checklist

Subscribe to Data Insider

Learn the latest news and best practices about data science, big data analytics, artificial intelligence, data security, and more.

Similar articles

Get the Free Newsletter!

Subscribe to Data Insider for top news, trends & analysis

Latest Articles

Datamation is the leading industry resource for B2B data professionals and technology buyers. Datamation’s focus is on providing insight into the latest trends and innovation in AI, data security, big data, and more, along with in-depth product recommendations and comparisons. More than 1.7M users gain insight and guidance from Datamation every year.

Advertisers

Advertise with TechnologyAdvice on Datamation and our other data and technology-focused platforms.

Advertise with Us

Menu

Our Brands

Property of TechnologyAdvice.
© 2023 TechnologyAdvice. All Rights Reserved

Advertiser Disclosure: Some of the products that appear on this site are from companies from which TechnologyAdvice receives compensation. This compensation may impact how and where products appear on this site including, for example, the order in which they appear. TechnologyAdvice does not include all companies or all types of products available in the marketplace.