Kaboom! Another mass-mailing worm is running free!

Symantec security response warns of the W32.Swen.A@mm worm. This is a level 3 mass-emailing worm that was upgraded on September 18, 2003!

This question was answered on September 19, 2003. Much of the information contained herein may have changed since posting.

---

W32.Swen.A@mm is a mass-mailing worm that uses its own SMTP engine to spread itself It attempts to spread through file-sharing networks, such as KaZaA and IRC, and attempts to kill antivirus and personal firewall programs running on a computer

The emails sent out by the worm include a message which is randomly constructed from a wide range of realistic-sounding phrases If an infected attachment is opened, the worm starts to spread It covers its tracks by creating a message you might expect from a security patch, such as "Microsoft Internet Update Pack - This update does not need to be installed on this system", or "This will install Microsoft Security Update Do you wish to continue?" Please be wary when opening your email, especially from someone you don't know.

The email message has the following characteristics:

Subject, Message, & Attachment: File names are random The From address may also vary.

All Windows operating systems are affected

Symantec advises all possible victims to download latest virus definitions immediately and deploy.

Get complete instruction on protection and removal from Symantec at: <a href="http://sarc.com/avcenter/venc/data/[email protected]">http://sarc.com/avcenter/venc/data/[email protected]</a>

About the author

Posted by Michal of Data Doctors on September 19, 2003

Need Help with this Issue?

We help people with technology! It's what we do.
Contact or Schedule an Appointment with a location for help!