Computer virus exploits SARS outbreak

24 Apr 2003

Computer users have been warned to be on the look out for a new computer worm that is taking advantage of people’s fears of the SARS (severe acute respiratory syndrome) killer flu virus.

The worm is known as either W32/Coronex or Coronex-A and forwards itself to all the contacts in a computer user’s Outlook address books. The worm is activated when users open fake attachments that claim they offer details on the current SARS epidemic.

The worm uses a variety of subject lines, message bodies and attachment names to entice users into double-clicking such as ‘Severe Acute Respiratory Syndrome’, ‘SARS Virus’ and ‘Hongkong.exe’. Hong Kong is believed to be the epicentre of the outbreak.

Experts say the virus is a prime example of ‘social engineering’, the term used to describe psychological trickery that virus writers resort to when trying to ensure maximum exposure for their weapons of mass email destruction. A typical example of social engineering is the use of familiar names or terms of endearment such as the I Love You virus that swept corporate networks last year, causing millions of dollars’ worth of damage.

While the spread of the Coronex-A virus has so far been minimal, computer users have been warned to update their anti-virus protection software and blocking executable (.exe) files at the network’s gateway.

By John Kennedy