One Year Ago: Anti-Virus Vendors Warn Of New Y2K Viruses

As Y2K war room staffers dozed or watched world celebrations due to a lack of serious date switchover-related problems, utility software vendors were monitoring the Net for new virus threats.

For instance, as the world braced itself for the highly anticipated year 2000, Trend Micro (Nasdaq: TMIC) discovered 14 new viruses, posted advisories for online consumer and business users, and updated its anti-virus software through its official Web site.

Virus Roll Call

Several of the viruses were found to have infected Trend Micro’s business client sites. The list of new cyber organisms included the PE_CRYPTO memory resident infector that utilizes encryption and deletes anti-virus related files to evade detection. Other discoveries include TROJ_ZELU, a trojan that is designed to appear as Y2K checking software, the visual basic generated VBS_LUCKY2000 and W97M_Chantal.B, a Word 97 macro virus that attempts to erase a user’s hard drive.

Try a ‘HouseCall’

Trend Micro has set up its World Virus Tracking Center, which monitors virus activity in real time to provide users with infection patterns and appropriate advisories. The center recorded more than 4,000 infected computer systems during the past week.

The company has advised users to take a number of steps to minimize risk of infection: Update virus protection software, avoid opening any suspicious or unexpected e-mail attachments, use free online virus scanners such as Trend Micro’s HouseCall, and set browser and Windows security settings to high in order to prevent certain script viruses from automatically executing.

Exploiting Fears

Computer Associates has also issued a series of virus-related advisories for online consumers and businesses, including “Feliz Trojan,” a Portuguese “Happy New Year” trojan that deletes files and displays a bitmap face that states “FELIZ ANO NOVO!!!” From there, users may not be able to boot.

The company has also warned users about the “Wscript/Kak” worm, which infects users of Microsoft’s Outlook Express 5.0 e-mail program on Windows 98. The worm, according to Computer Associates, is spread by opening infected e-mail.

“Though this virus isn’t Y2K-related, its discovery further confirms that hackers will exploit user fears throughout the Y2K changeover,” commented Simon Perry, Computer Associates security business manager.

“Since the user doesn’t even have to open the attachment for the worm to be executed, this has the potential to spread rapidly and quietly.”