Fast-infecting polymorphic virus causing a stir

by Graham Cluley on February 12, 2009 | Comments Off

Filed Under: Malware

We've had some customers this morning asking us about a Windows virus that targets HTM, HTML, PHP and ASP web files, as well as executables, as it spreads via network drives and USB sticks.

The questions seem to be coming to light because of a report in The Register based upon a blog post from our friends at Trend Micro.

The malware (which is called Virut and Virux in the report) is detected by Sophos as W32/Scribble-A, and has been protected against since 3rd February.

You can learn more about it in a blog post made by SophosLabs researcher Richard Cohen earlier this week.

Tags: scribble, virut, virux, WWW

About the author

Graham Cluley is senior technology consultant at Sophos. The readers of Computer Weekly voted him security blogger of the year in 2009 and 2010, and he pipped Stephen Fry to the title of "Twitter user of the year" too. Which was nice. He was also named "Best Security Blogger" by the readers of SC Magazine in 2011. You can subscribe to Graham's updates on Facebook, follow him on Twitter and circle him on Google Plus for regular updates.

View all posts by Graham Cluley