As if we didn't have enough worms to turn in cyberspace, along comes a new one, Netsky-D, said to be clogging e-mail systems since appearing early March 1 and considered especially hard to smoke out because it disguises itself as a .pif file and hits your inbox using several different subject lines - similar to MyDoom, though experts say it isn't quite as big or as fast-moving... yet.
But antivirus/security company Sophos has already said Netsky-D is widespread enough. And senior technology consultant Graham Cluley said many users don't realize .pif files can be just as malicious as .exe, .scr, and .vbs files.
"All users should be wary of any unsolicited e-mail attachment which arrives in their inbox," Cluley said in an advisory on the Sophos Website. "Ideally, all businesses would proactively filter executable content at the gateway, so it cannot reach tempted users."
Symantec, the makers of Norton Antivirus, has Netsky-D rated as low distribution with easy containment for the time being.
Netsky-D isn't the only new worm causing headaches for antivirus and security watchers. Sophos is warning of five more variants of Bagle, released over the weekend, prompting Cluley to speak of March madness in terms having nothing to do with the annual college basketball championships.
"To avoid being hit by one of these prevalent worms, users should be wary of any unsolicited email which arrives in their inbox," he said. "Businesses can add an extra layer of protection by proactively filtering out viruses at the gateway."
Netsky-D is of a rather heinous lineage: the earlier Netsky-B variant has been rated the third-worst computer worm ever, behind MyDoom.A and Sobig C. Netsky-C, coming between B and D, of course, posed as online porn, security patches, and even hacks and cracks when it appeared toward February's end.
