New Netsky Variant — No Attachment Needed

Users don’t even need to open an attachment to be infected with the latest variant of the

virulent Netsky virus.

Netsky-V, unlike its widespread siblings, spreads without using email attachments. That

means users can get hit with the virus just by opening a tainted email.

”This makes me a little bit nervous because of the way it automatically infects

machines,” says Patrick Hinojosa, CTO at Panda Software U.S., an anti-virus and intrusion

prevention company with U.S. headquarters in Glendale, Calif. ”It doesn’t require foolish

end users to spread. And anything that doesn’t require user participation to work is bad

news.”

Analysts note that a flood of worms and viruses have been plaguing corporate networks over

the last few months. And those infections have occurred because users, despite being

educated about the dangers of attachments, were either negligent enough to click on an

attachment or they were conned into it. That leaves analysts worrying how bad a virus

infection could get if a user doesn’t have to screw up to make it work.

”This is a problem,” says Hinojosa. ”Smart user, not a smart user — it doesn’t really

matter. What matters here is if you have patched software. These are the viruses that can

spread pretty fast… How successfully it spreads just depends on how well it was written.

”I’m just hoping this one wasn’t written very well,” adds Hinojosa.

So far, it’s unclear how quickly this worm is spreading. Since it was just released into

the wild, the numbers on it aren’t really in it.

This new V variant has malicious XML code hidden in the message body of the email. When a

user opens the email to read it, the code automatically seeks out a known object validation

vulnerability in Microsoft Corp.’s Outlook and Internet Explorer software. The

vulnerability allows the malicious code to be trusted, installed and executed on the local

system.

Once the computer is infected, the malicious code will install a backdoor that listens to

TCP ports 5556 and 5557. Netsky-V is designed to launch denial-of-service attacks on

several Web sites between April 22 and April 28. The sites to be attacked include

kazaa.com; emule.de; cracks.am; freemule.net, and keygen.us.

Ken Dunham, director of malicious code at iDefense, a security intelligence firm based in

Reston, Va., says Microsoft released information about the vulnerability, along with a

patch to correct it, early last October. If a system has been patched, Netsky-V will not be

able to infect the computer.

But Hinojosa says there are millions of computers that have not been updated, so are

vulnerable to the attack.

”There are millions of unpatched computers on the corporate side,” says Hinojosa. ”Most

U.S. workers work for companies with fewer than 25 employees. They don’t have a system

administrator. And that’s not counting all the home users — the millions of home users —

who haven’t patched their systems in the last several months. How fast this spreads depends

only on how well it was written.”

RELATED NEWS AND ANALYSIS

• Ethics and Artificial Intelligence: Driving Greater Equality

  FEATURE |  By James Maguire,
  December 16, 2020

• AI vs. Machine Learning vs. Deep Learning

  FEATURE |  By Cynthia Harvey,
  December 11, 2020

• Huawei’s AI Update: Things Are Moving Faster Than We Think

  FEATURE |  By Rob Enderle,
  December 04, 2020

• Keeping Machine Learning Algorithms Honest in the ‘Ethics-First’ Era

  ARTIFICIAL INTELLIGENCE |  By Guest Author,
  November 18, 2020

• Key Trends in Chatbots and RPA

  FEATURE |  By Guest Author,
  November 10, 2020

• Top 10 AIOps Companies

  FEATURE |  By Samuel Greengard,
  November 05, 2020

• What is Text Analysis?

  ARTIFICIAL INTELLIGENCE |  By Guest Author,
  November 02, 2020

• How Intel’s Work With Autonomous Cars Could Redefine General Purpose AI

  ARTIFICIAL INTELLIGENCE |  By Rob Enderle,
  October 29, 2020

• Dell Technologies World: Weaving Together Human And Machine Interaction For AI And Robotics

  ARTIFICIAL INTELLIGENCE |  By Rob Enderle,
  October 23, 2020

• The Super Moderator, or How IBM Project Debater Could Save Social Media

  FEATURE |  By Rob Enderle,
  October 16, 2020

• Top 10 Chatbot Platforms

  FEATURE |  By Cynthia Harvey,
  October 07, 2020

• Finding a Career Path in AI

  ARTIFICIAL INTELLIGENCE |  By Guest Author,
  October 05, 2020

• CIOs Discuss the Promise of AI and Data Science

  FEATURE |  By Guest Author,
  September 25, 2020

• Microsoft Is Building An AI Product That Could Predict The Future

  FEATURE |  By Rob Enderle,
  September 25, 2020

• Top 10 Machine Learning Companies 2021

  FEATURE |  By Cynthia Harvey,
  September 22, 2020

• NVIDIA and ARM: Massively Changing The AI Landscape

  ARTIFICIAL INTELLIGENCE |  By Rob Enderle,
  September 18, 2020

• Continuous Intelligence: Expert Discussion [Video and Podcast]

  ARTIFICIAL INTELLIGENCE |  By James Maguire,
  September 14, 2020

• Artificial Intelligence: Governance and Ethics [Video]

  ARTIFICIAL INTELLIGENCE |  By James Maguire,
  September 13, 2020

• IBM Watson At The US Open: Showcasing The Power Of A Mature Enterprise-Class AI

  FEATURE |  By Rob Enderle,
  September 11, 2020

• Artificial Intelligence: Perception vs. Reality

  FEATURE |  By James Maguire,
  September 09, 2020