An e-mail virus, dubbed “Here You Have” because of its subject line, has reportedly infected corporate networks of major companies like AIG, Procter & Gamble, Comcast, Disney and even Google since Thursday.
The virus is actually a mass-mailing worm reminiscent of old-school attacks from the early 2000s. It targets corporate networks and then lures users into clicking on a link to a purported PDF file or WMV movie. Instead of a work file, the link leads to malware that attempts to gain access to your computer and send itself to everyone in your address book.
According to Joe Stewart from the security firm SecureWorks, the virus may have ties to a Libyan hacker who goes by the handle “iraq_resistance.”
Stewart says he found the username “iraq_resistance” referenced in the code of the malware and that the handle has links to Libya. The handle has purportedly been involved in minor website attacks over the last few years. It appears that this user’s group, “Brigades of Tariq ibn Ziyad,” wants to engage in some sort of electronic jihad.
Despite the speed at which the virus has spread across corporate networks, the unsophisticated nature of the attack lessens the likelihood of any extensive damage. Sophos is reporting that the files linked in the original e-mails no longer exist, but variations of this worm may still be active.
What this really underscores is just how bad basic security policies are, even at large corporations. Anti-virus, heuristics and firewalls aside, this attack has ultimately spread as fast as it has because users have clicked on the files.
Have we learned nothing from the “Anna Kournikova” and “love letter” attacks from yesteryear? If a file looks strange or it is something you aren’t expecting, contact the sender before opening it up, especially if you are on a corporate network.