Sunday, January 7, 2007

Protect Your Computer from the Melissa Virus

By Michael Russell

The latest threat in the computer virus list is the "e-mail virus" which ingrains itself in a document that sends a dummy letter (attaching itself) to all the people in a person's address book. The most spectacular of the known e-mail viruses was the 1999 Melissa virus which used Microsoft Word documents to send itself all over the world, causing significant damage to businesses and email service providers.

The virus creator coded the Melissa virus in a Word document and then sent it to an Internet newsgroup where it could be downloaded by just about anyone. People who downloaded the document and read it would unknowingly release the virus to the first fifty people in that person's email address book. The email message that was sent looked friendly and familiar enough because it could even include the sender's name to give the impression that opening the email was harmless. Like a vicious parasite, the virus would then enter the recipient's email address book and send itself once more to the first fifty people on HIS address book. The cycle went on and on, forcing large companies to shut down their email systems for a while. To date, this method of replication made the Melissa virus the fastest spreading virus on the Net.

If you opened this infected document in either Word 97 or Word 2000 formats the "normal.dot" template would be infected by this macro virus. Melissa and other macro viruses prompt you to open an attachment and run its macros for your email service to be damaged. Receiving a file per se that looks "infected" does not damage your computer. Once permitted to run, the virus attached itself to the recipient's documents, not only causing denial of service on a number of mail servers, but also leaking out sensitive information to a number of email users. The US government has received reports of the virus affecting more than 300 large institutions and more than 100,000 individual hosts.

Melissa was a macro virus, which made it only one of a thousand macro virus variants created since 1995. Melissa differed from all these macro viruses because of the speed in which it propagated itself and the amount of damage it caused to internet users. In less than 2 days from its first download, it had infected more than a hundred thousand computers. One site received more than 30,000 emails, all containing the virus, in less than an hour. It did not only affect users of Microsoft Outlook, but infected users of all other email services as well. How you receive the email does not matter because Melissa will alter your "normal.dot" file in your system anyway.

A variant of the Melissa virus, called the "Papa" virus, is also reported to be contaminating email address books, but the impact is insignificant compared to Melissa's, partly due to media awareness and the rise of antivirus software. What makes the Papa virus a little different from Melissa is its new ability to spread not only via Word, but also via PowerPoint and Excel.

It is recommended that Net users set Word to prompt you if there are any attempts to change your "normal.dot" file. Try to disable macros and proceed carefully if you open any document with enabled macros. Invest in good antivirus software and update it every week. Install a spam-guard on your email service and immediately delete any received emails that look suspicious. Despite the damage and fear caused by Melissa, most computer specialists rank the virus as an easily detectable kind and was classified as "relatively non-destructive". There are other variants that are stealthier and more harmful, so a regular virus scan by trusted antivirus software is crucial.

Michael Russell

Your Independent Virus guide.

Labels: , , ,

0 Comments:

Post a Comment

Subscribe to Post Comments [Atom]

<< Home