Originally published on November 22, 1999 and brought to you today as a time capsule.
As the holiday season prepares to kick off in earnest, antivirus researchershave discovered a new hybrid computer virus that could deliver a maliciouspayload to users’ hard drives on December 25th.
The virus, known as W97M.Prilissa.A, or simply Prilissa, infects usersof Windows 95 or 98 through Microsoft Word documents, spreading itselfby way of an MS Outlook e-mail attachment. Prilissa will then be sentout to the first e-mail 50 addresses in the infected user’s addressbook, with the message “this document is very Important and you’ve GOTto read this!!!”
According to researchers at SymantecCorp. (Nasdaq: SYMC), Prilissa activates on Christmas Day, firstdisplaying a message — “Vine…Vide…Vice…Moslem Power NeverEnd…Your Computer Have Just Been Terminated By -= CyberNET =- Virus!!” –thenoverwriting the AUTOEXEC.BAT file to format the user’s hard drive.
Macro Variant and Heuristic Technology
“Our customers can be assured that by continuing to update theirdefinitions on a regular basis, they will be protected with theindustry’s most advanced anti-virus technology,” stated Vincent Weafer,director of Symantec’s AntiVirus Research Center. Through its macro variantand heuristic technology, Symantec detectedW97M.Prilissa.A, and has documented the infection as a variant of theW97M.AntiSocial.G and W97M.Melissa viruses.
“Macro variant technology analyzes the actions and commands used by aset of viruses and leverages this to detect unknown viruses with thesame characteristics,” said a Symantec company statement. “Heuristictechnology enables virus detection by analyzing a multitude of viruses,and identifying certain common traits that all viruses share.”
Symantec’s Norton AntiVirus product uses these technologies to protectusers, but they are not alone in the utility software market. Network Associates, Inc. (Nasdaq: SYMC),which claims to have discovered the virus last week, offers protectionthrough various antivirus products.
The company, which has already been receiving some infection noticesfrom businesses in the Unites States and across Europe, just announcedthat an enhanced version of its McAfee GroupShield for Lotus Notessoftware for e-business has been made available. The software packagebrings the Network Associates Virulogic detection technology toprofessional e-commerce users of Lotus Notes.
“GroupShield for Notes 4.5 is formulated to protect the most demandingapplication environments that companies rely on to drive theire-business, including Notes server clusters,” stated Sal Viveros,group-marketing manager for McAfee Total Virus Defense for NetworkAssociates. “While e-mail remains the most common vehicle for virusproliferation, Network Associates is providing best-of-breed groupwareanti-virus protection for our Notes R5 customers so they can do businesseffectively, while maintaining a secure Notes environment.”
Users are encouraged to check with the manufacturer of their antivirussolutions for Prilissa fix information.