Fresh from fending off the insistent advances of an e-mail virus disguised
as a love letter, computer users were facing new variations of the
destructive bug, one concealed as a joke, another as a confirmation notice
for a Mother’s Day gift order. E-mail systems were bombarded again Friday by
a nasty computer virus with new disguises, but computer users stung by the
first masquerade as a love letter were better prepared when the bug began
showing up as an e-mail joke or a Lithuanian invitation to coffee.
Antivirus software makers rushed out updates to fight as many as seven new
variations of the “love bug,” including another one that pretends to be a
receipt for a Mother’s Day gift. The original virus, which is labeled
“ILOVEYOU” and carries an e-mail attachment called “LOVELETTER,” struck
in at least 20 countries on Thursday, overwhelming computer networks and
destroying important computer files.
The CERT Coordination Center, a government-chartered computer emergency team
at Carnegie Mellon University in Pittsburgh, cited an unidentified Web
startup company where the virus destroyed the equivalent of 70,000
photographs stored in a popular digital image format that the bug is
programmed to attack.
CERT said that one infected organization with 12 computers was facing
$30,000 in recovery and lost productivity costs. The FBI and authorities in
the Philippines were investigating leads suggesting the virus originated in
Manila, including clues embedded in the virus’ program code and information
from an Internet service provider.
“It could be a lead or a red herring,” said one FBI official, who spoke on
condition of anonymity. “We’re not at a point where we are able to
definitively say what the origin was.” The FBI expanded its criminal probe
on Friday to include the new variations of the virus, which potentially were
created by copycat programmers who altered the code of the original bug.
The first copycat version of the virus began whipping across e-mail systems
by Thursday night, masquerading as a joke passed on by an acquaintance with
an attachment labeled “Very Funny.” But although it was spreading with the
same lightning speed as the original, computer security firms reported far
less damage among their customers — possibly as a result of the software
inoculations deployed by systems managers on Thursday and a more wary
attitude among computer users who were caught off guard by the first attack.
McAfee and other antivirus firms said they were receiving only isolated
reports of the Mother’s Day version and another with a subject line reading,
“Susitikim shi vakara kavos puodukui,” which translates from Lithuanian as
“Let’s meet tonight for a cup of coffee.”
In all cases, however, experts cautioned computer users not to open any
suspicious e-mail attachments, the mechanism that releases the virus to
burrow into a computer hard drive or network and destroy files. Friday’s
victims included United Nations headquarters in New York, where the e-mail
system was temporarily shut down.
Damage estimates from the outbreak started at hundreds of millions of
dollars, though mostly in lost work time; some experts said the cost could
reach $10 billion.
On the Net:
National Infrastructure Protection Center at http://www.nipc.gov/
CERT Coordination Center at http://www.cert.org
Anti-virus companies, including Symantec at http://www.symantec.com
Network Associates at http://www.nai.com
Dr. Solomon at http://www.drsolomon.com