'Here You Have' Virus Nothing New, Experts Say

worm e-mail

In fact, the e-mail worm is strikingly similar to the "I Love You" and other notorious e-mail viruses from a decade ago, experts say.

"It's very similar. They even use the same subject lines as the Anna Kournikova virus from 2001," said Greg Leah, malware analyst with Symantec Hosted Services. "It seems like we've come full circle."

By and large, the new "Here You Have" virus, which exploded onto users' inboxes Thursday, is typical of other e-mail worms. Victims receive an e-mail appearing to be from someone on their contact list. The body of the socially engineered e-mail then directs them to a malicious link disguised as a PDF, hosted on the Web. Users become infected once they click on the link.

Once installed, the worm spreads rapidly through the victims' instant message, mapped drives and e-mail by taking contacts from the address book. It then spreads by pushing out hundreds of e-mails to other users on the victim's contact list.

Sponsored post

On its quest, it also evades and disables various related security programs.

At its peak, infection rates were about 2,000 e-mails per minute, with about 106,390 copies, according to Symantec Hosted Services.

While the worm doesn't differ in functionality from other malware, security companies have prioritized it as a high category threat, due to the large volumes of affected computer users and scope of the attack.

Security experts say that one of the reasons for the high infection rates is due to the fact that the attack is distributed via an e-mail that appears to come from a friend or someone the victim knows.

"When someone gets infected, it goes through their address book, pretending to be that person. That's the main reason it was so effective," Leah said.

Leah added that although e-mail worms had their heyday in the late 1990s, newer or younger computer users might be unfamiliar with those kinds of attacks, or people have simply forgotten.

"We haven't seen many of these for a long time," he said. "It might be long enough so that people forgot."