Zafi-D Worm Infecting 1 Out of 10 Emails

The Zafi-D worm, which hit the Wild with great speed this past Monday, is

infecting one out of every 10 emails traveling the Internet, according to

anti-virus reports.

This latest variant of the virulent Zafi family, also is accounting for

72 percent of all virus reports going into the anti-virus labs at Sophos,

Inc., an anti-virus and anti-spam company with U.S. headquarters in

Lynnfield, Mass. The worm is picking up speed. In the 24-hour period

between Tuesday and Wednesday, Zafi-D accounted only for 65 percent of

all virus reports.

”This is bad,” says Gregg Mastoras, a senior security analyst at

Sophos. ”It’s actually been picking up speed… Businesses will have to

start to be more vigilant about what they let through their gateway. That

will slow down the effect of it.”

Mastoras says Zafi-D is gaining so much ground because it’s taking

advantage of the holiday season. The worm harvests email addresses from

infected computers and then spoofs the sender’s address so it appears

that the email is coming from a friend, relative or co-worker. The con

doesn’t stop there, though. Zafi-D also contains a subject line of ‘Merry

Christmas’, ”Happy HollyDays!” and ”Feliz Navidad!”.

”You’re getting this from people you generally think are safe and

secure,” notes Mastoras. ”With the message of ‘Merry Christmas’, people

are really being taken in on this one.”

He adds that there hasn’t been a worm that spreads this fast since Netsky

and Sasser first hit the Wild.

Zafi-D has received a ‘medium threat’ level status from Panda Software,

an anti-virus company with U.S. headquarters in Glendale, Calif.

Analysts from MessageLabs, Inc., a managed email security company based

in New York, reports that Zafi-D is a mass-mailing virus that uses its

own SMTP engine to spread and harvests email addresses from compromised

machines. The virus also attempts to replicate via P2P applications.

The recipient must manually open the attachment in order for it to be

executed, upon which it will attempt to disable any running firewall and

antivirus software, according to MessageLabs. Windows tools, like Task

Manager and the Registry Editor, also may be disabled.

Zafi.D has a remote access component that waits for inbound connections

on TCP port 8181. Remote users can then upload and execute files via this

backdoor.

Sophos analysts advise IT managers to warn users to be suspicious about

email greetings.

RELATED NEWS AND ANALYSIS

• Ethics and Artificial Intelligence: Driving Greater Equality

  FEATURE |  By James Maguire,
  December 16, 2020

• AI vs. Machine Learning vs. Deep Learning

  FEATURE |  By Cynthia Harvey,
  December 11, 2020

• Huawei’s AI Update: Things Are Moving Faster Than We Think

  FEATURE |  By Rob Enderle,
  December 04, 2020

• Keeping Machine Learning Algorithms Honest in the ‘Ethics-First’ Era

  ARTIFICIAL INTELLIGENCE |  By Guest Author,
  November 18, 2020

• Key Trends in Chatbots and RPA

  FEATURE |  By Guest Author,
  November 10, 2020

• Top 10 AIOps Companies

  FEATURE |  By Samuel Greengard,
  November 05, 2020

• What is Text Analysis?

  ARTIFICIAL INTELLIGENCE |  By Guest Author,
  November 02, 2020

• How Intel’s Work With Autonomous Cars Could Redefine General Purpose AI

  ARTIFICIAL INTELLIGENCE |  By Rob Enderle,
  October 29, 2020

• Dell Technologies World: Weaving Together Human And Machine Interaction For AI And Robotics

  ARTIFICIAL INTELLIGENCE |  By Rob Enderle,
  October 23, 2020

• The Super Moderator, or How IBM Project Debater Could Save Social Media

  FEATURE |  By Rob Enderle,
  October 16, 2020

• Top 10 Chatbot Platforms

  FEATURE |  By Cynthia Harvey,
  October 07, 2020

• Finding a Career Path in AI

  ARTIFICIAL INTELLIGENCE |  By Guest Author,
  October 05, 2020

• CIOs Discuss the Promise of AI and Data Science

  FEATURE |  By Guest Author,
  September 25, 2020

• Microsoft Is Building An AI Product That Could Predict The Future

  FEATURE |  By Rob Enderle,
  September 25, 2020

• Top 10 Machine Learning Companies 2021

  FEATURE |  By Cynthia Harvey,
  September 22, 2020

• NVIDIA and ARM: Massively Changing The AI Landscape

  ARTIFICIAL INTELLIGENCE |  By Rob Enderle,
  September 18, 2020

• Continuous Intelligence: Expert Discussion [Video and Podcast]

  ARTIFICIAL INTELLIGENCE |  By James Maguire,
  September 14, 2020

• Artificial Intelligence: Governance and Ethics [Video]

  ARTIFICIAL INTELLIGENCE |  By James Maguire,
  September 13, 2020

• IBM Watson At The US Open: Showcasing The Power Of A Mature Enterprise-Class AI

  FEATURE |  By Rob Enderle,
  September 11, 2020

• Artificial Intelligence: Perception vs. Reality

  FEATURE |  By James Maguire,
  September 09, 2020