I was sent this virus alert from message labs today regarding a new varient of a previous virus worm. see details below:-
Warning: New Mimail variant spreading at high rate
Extent of Mimail.J overtakes other variants of the worm
During 17th and 18th November 2003, MessageLabs, the email security company, has intercepted a high number of copies of a further variant of the Mimail email worm – W32/Mimail.J. The initial copy of the new variant originated from France. To date, the majority of infected emails have been sent from the USA - 74% of the total number of emails seen.
Number of copies intercepted so far: 23,310
Time & Date first Captured: 17th Nov 2003, 16.19 GMT
Origin of first intercepted copy: France
The worm arrives as an attachment to an email called either InfoUpdate.exe or www.paypal.com.pif. The sender’s email address is forged, and therefore does not indicate the true identity of the sender.
The worm spreads by emailing copies of itself to email addresses harvested from the infected computer.
When launched, the worm displays a bogus PayPal credit card verification window. The information entered into this window is then saved in a file named ppinfo.sys, which is subsequently sent to a remote server.