Programming pranksters have released two Internet worms that seek to tempt victims with Sept. 11-related messages. Both have been rated low risks by anti-virus firms. F-secure Corp. says the first, called “Chet,” is hampered by programming bugs, and doesn’t work as its author intended. And Symantec Corp. says Nedal — Laden spelled backwards — just hasn’t spread around the Internet.
F-SECURE ISSUED a warning about Chet Tuesday evening at about 8 p.m. ET, just hours before the anniversary of last year’s Sept. 11 attacks. The company says on its Web site that the program was written in Russia, but isn’t likely to spread because it has “lots of bugs.”
Vincent Weafer, senior director of the Symantec Security Response, said none of his customers had reported receiving the worm.
“Beyond the novelty factor, I don’t think there’s going to be major problem with this,” he said.
Nedal spreads via Internet Relay Chat and e-mail, according to Panda Software.
The message that carries the worm has the subject “Osama Bin Laden Comes Back!” But according to Symantec’s Mike Bradshaw, the company has received “no submissions, and it doesn’t seem to be spreading.”
Chet arrives at a victim’s computer from “main@world.com.” with the subject line “All people!!” The attachment is labeled “11september.exe.”
If a victim clicks on the attachment, the worm will attempt to spread in the familiar way, by e-mailing itself to everyone in the victim’s address book.
Recipients might be tempted to click on the attachment because it promises photographs that offer new evidence about the Sept. 11 terrorist plot.
“It isn’t a virus!” the e-mail concludes. “You can trust us absolutely. We hope, that it will open your eyes on many things occurring in this world.”
In the past, antivirus companies have warned about computer attacks surrounding major holidays or anniversaries, but none have caused any real damage.
“The closest would be Y2K,” Weafer said. “We saw a couple of things then, but they weren’t significant. ... On days like that, so many people are paying attention to network systems, people are on watch for (viruses).”
While Chet isn’t deemed a threat, next week marks the anniversary of the Nimda worm, which caused a massive outbreak that infected over 2 million computers beginning last Sept. 18. Weafer said virus writers seeking to capitalize on that anniversary might be a bigger concern.
Next Wednesday, to mark that anniversary, President Bush’s special advisor for cyber security, Richard Clarke, is unveiling his plan for improved national cyber security.