A new, complex computer virus dubbed “Fizzer” has infected computers worldwide and is gaining momentum, antivirus researchers said Monday. Fizzer was actually discovered last week, and was initially deemed not a serious threat. However, by early Monday, it had spread to computers worldwide, with one antivirus firm saying it had trapped some 30,000 copies of Fizzer. Several security companies issued an alert and raised their risk rating on the worm. Still, a widespread outbreak is not anticipated.
“IT WAS NOT especially strong out of the gate,” said Craig Schmugar, virus researcher with Network Associates Inc. “But in terms of a percentage of increase, on Monday we had 700 percent increase in incidents over the end of last week.”
British-based antivirus firm MessageLabs indicated on its Web site that its software had intercepted over 30,000 copies of the worm destined for its customers by early Monday morning. At one point on Monday, 1 out of every 460 e-mails the firm screened contained the virus. But infection rates seemed to peak in the middle of the day on Monday.
Symantec Corp. spokesman Mike Bradshaw said 26 of its corporate customers had been hit with the worm. About another 100 home users had also received a copy of the worm, he said.
“Sometimes these things are like the weather. You don’t want to get into predicting,” said Kevin Haley, a group product manager at Symantec. Still, he didn’t anticipate a severe outbreak comparable to the Lovebug or even the resilient Klez, which infected tens of thousands of computers last year. Symantec had only raised its risk assessment to a medium-level 3 on a scale of 1 to 5. “But it will probably hang around a while,” Haley said.
Fizzer spreads via e-mail and the file-sharing program KaZaa. But its efforts to spread itself are relentless. Not only does it send a copy of itself to all addresses in an infected computer’s e-mail address book — it also generates random e-mail addresses at MSN, Earthlink, AOL and a host of other Internet services providers, much like spammers do, and sends e-mails to those, too.
It’s hard to tell consumers what to watch for: Fizzer arrives with a random subject line and attachment, generated from a large list of German and English words.
The worm also installs keylogging software on the victim’s computer, which can be used to watch keyboard strokes and steal passwords and other critical data. And it tries to find antivirus software on the target computer to disable it.
“This threat is very complex. It looks like it was well tested, on multiple platforms,” Schmuger said.
Victims will notice a considerable slowdown in their computer’s operations as the worm attempts to spread itself, but it causes no other obvious immediate damage.