As if there are not enough legitimate acts of terrorism in the world, public relations folks went into overdrive regarding a broken email-borne virus that should have been dubbed "the little virus that couldn't". Even worse, the crippled virus was originally dubbed VBS.Antrax by Panda Software. (Antrax is the Spanish word for Anthrax).
Though virus analyzers noted that VBS.VBSWG.AF, a.k.a. Antrax virus, intends "to send itself via MAPI email but fails due to bugs in the script", that wasn't enough to stop hyperactive public relations teams, who quickly issued a media release on the non-event.
CNN then acted on the release and reported the information during their broadcast. Even Reuters picked up the story, claiming that once "the attachment is opened the worm spreads itself to everyone listed in the email address book." In reality, the file fails to attach itself to the outgoing email, and thus the worm self-destructs on its very first try.
"It is disappointing to see some of our competitors hyping up a virus like this, particularly in the current political climate," said Graham Cluley, senior technology consultant for Sophos Anti-Virus. "Anti-virus companies should act responsibly when it comes to virus alerts. Sadly, on this occasion, it's possible that the only thing which will spread is greater confusion and panic amongst the public."
Just another worm
VBS.VBSWG.AF is just another VBS script virus. Like others, its intent is to spread via email. Unlike others, lame coding makes this impossible. The email, should you ever receive it (doubtful) carries the subject line: Antrax Info and body which reads:
si no sabes que es el antrax o cuales son sus efectos aquite mando una foto para que veas los efectos que tiene.
Nota:la foto esta un poco fuerte.
In English, this translates to:
If you don't know what antrax is or what the results of it are, please see the attached picture so that you can see the results that it has.
Note: the picture might be too strong.
The attached file is named "antraxinfo.vbs".
The virus also modifies the SCRIPT.INI file used with mIRC to facilitate spread via Internet Relay Chat.
Though virus analyzers noted that VBS.VBSWG.AF, a.k.a. Antrax virus, intends "to send itself via MAPI email but fails due to bugs in the script", that wasn't enough to stop hyperactive public relations teams, who quickly issued a media release on the non-event.
CNN then acted on the release and reported the information during their broadcast. Even Reuters picked up the story, claiming that once "the attachment is opened the worm spreads itself to everyone listed in the email address book." In reality, the file fails to attach itself to the outgoing email, and thus the worm self-destructs on its very first try.
"It is disappointing to see some of our competitors hyping up a virus like this, particularly in the current political climate," said Graham Cluley, senior technology consultant for Sophos Anti-Virus. "Anti-virus companies should act responsibly when it comes to virus alerts. Sadly, on this occasion, it's possible that the only thing which will spread is greater confusion and panic amongst the public."
Just another worm
VBS.VBSWG.AF is just another VBS script virus. Like others, its intent is to spread via email. Unlike others, lame coding makes this impossible. The email, should you ever receive it (doubtful) carries the subject line: Antrax Info and body which reads:
si no sabes que es el antrax o cuales son sus efectos aquite mando una foto para que veas los efectos que tiene.
Nota:la foto esta un poco fuerte.
In English, this translates to:
If you don't know what antrax is or what the results of it are, please see the attached picture so that you can see the results that it has.
Note: the picture might be too strong.
The attached file is named "antraxinfo.vbs".
The virus also modifies the SCRIPT.INI file used with mIRC to facilitate spread via Internet Relay Chat.
Source...