NEWS FROM THE LAB - Wednesday, March 17, 2004

Netsky.O tries to defame F-Secure Posted by Mikko @ 07:53 GMT

Not a big surprise: a new Netsky variant has been found. This one doesn't seem to be too widespread (we only have one report so far, from Australia). But it's nasty, as it sends messages with fake announcments from antivirus vendors claiming the attachment is scanned and declared clean - when it's not.

This variant names several antivirus vendors, including us.

Here's an example of an email sent by Netsky.O:

From: random-email-address
To: recipients-email-address
Subject: Re: Mail Authentification

Please authenticate the secure message.

+++ Attachment: No Virus found
+++ F-Secure AntiVirus - You are protected
+++ www.f-secure.com


We have just shipped detection for this variant.

Description is available at