EQHost - Economic and Quality Application Web Host for International

Back to Newsroom

News

EQHost fights back against the dreaded virus, worms, and trojan horses.

Wednesday August 01, 2001
Company Press Release
SOURCE: A & P

Most people don't keep their anti-virus software sufficiently updated, if they even have it at all! EQHost recognizes the seriousness of an e-mail virus and the damage it can do to our client's infected computer. We have recently installed Anti-virus Software (AVS) with every e-mail account to help stop this predator!

Our AVS is updated regularly to protect against the most current known viruses. If an infected e-mail is sent to your e-mail box, the AVS leaps into action by capturing and quarantining the tainted mail. Then an automatic reply is sent to alert multiple parties of the sending process:

1. The client is sent an alert which tells who it was from and the subject of the e-mail which has been detained.

2. The e-mail sender whose computer is infected with the virus is sent an alert. The sender is advised that their computer has sent the tainted e-mail and they should take action to contain their computer's problem.

3. The server host where the e-mail originates is sent an e-mail advising them that their e-mail servers are allowing this virus to pass through them, and it encourages these hosts to take responsibility to help stop the transmission of viruses.

What is a Virus?
A computer virus is executable code that, when run by someone, infects or attaches itself to other executable code in a computer in an effort to reproduce itself. Some computer viruses are malicious, erasing files or locking up systems; others merely present a problem solely through the act of infecting other code.

Example Viruses
W32/Nimda.A@mm or Nimda is a complex virus with a mass mailing worm component which spreads itself in attachments named README.EXE. If affects Windows 95, Windows 98, Windows Me, Windows NT 4 and Windows 2000 users. Nimda is the first worm to modify existing web sites to start offering infected files for download. Also it is the first worm to use normal end user machines to scan for vulnerable web sites. This technique enables Nimda to easily reach intranet web sites located behind firewalls - something worms such as Code Red couldn't directly do.

The "Melissa" virus -- which became a worldwide phenomenon in March of 1999 -- was so powerful that it forced Microsoft and a number of other very large companies to completely turn off their e-mail systems until the virus could be contained. The "ILOVEYOU" virus in 2000 had a similarly devastating effect. That's pretty impressive when you consider how simple the Melissa and ILOVEYOU viruses are!

What is a Worm?
A worm is a computer program that has the ability to copy itself from machine to machine. Worms normally move around and infect other machines through computer networks. Using a network, a worm can expand from a single copy incredibly quickly. For example, the Code Red worm replicated itself over 250,000 times in approximately nine hours on July 19, 2001.

Example Worms
Wscript.KakWorm spreads using Microsoft Outlook Express. It attaches itself to all outgoing messages using the Signature feature of Outlook Express and Internet Explorer newsgroup reader. The worm utilizes a known Microsoft Outlook Express security hole so that a viral file is created on the system without having to run any attachment. Simply reading the received email message causes the virus to be placed on the system.

W32.Sircam is a mass mailing email worm. This worm will infect Windows systems. SirCam spreads by sending itself to other addresses found in the Windows Address book and temporary internet files. The worm arrives with the random subject and the body of the mail carries constant first and last line.

First Line: Hi! How are you?
Last Line: See you later. Thanks

The content in between the first line and the last line varies.

Infected mail carries an attachment with a random file name with double extensions. The first extension of the infected attachment carries EXE, DOC, XLS, ZIP and the second extension as PIF, COM, LNK, BAT.

What is a Trojan Horse?
The most elementary form of malicious code is the Trojan horse. This kind of program appears to do something useful, or at least entertaining, such as putting up an attractive screen saver. Like its legendary namesake, however, a Trojan horse program conceals a destructive purpose: While running, such a program may destroy files or create a "back door" entry point that enables an intruder to access your system. A Trojan Horse differs from a virus in that the former does not attempt to reproduce itself.

Example Trojan Horse
FireCracker v 2.0 Feb 2001

This Trojan disables most popular firewalls, thus making PC user defenseless against malicious actions. Vulnerable are AT Guard, Zone Alarm and or McAfee Firewall. By the moment of this writing no defense has been announced by the producers of above mentioned products.

Quoted Anti-virus comments made by our clients:

I received an email from the server saying that it had blocked an email with a virus, so the patch is working great. I had to laugh though that the email it was coming from was an msn.com email address - I am amazed that they have not taken any precautions.

Kay - United Kingdom

Yes I noticed all these virus warnings and was concerned about this as well. Thank you for updating the servers with anti virus software. Great job you guys. Of course we run as well anti virus sofware on our systems and never open any attachements.

Max - United States

Word of caution:
Of course, if you are using e-mail which comes into the mail server at EQHost you will be protected from these viruses, worms and trojan horses. However, one word of warning. You should still install your own anti-virus software and keep it updated on a regular basis. This will serve as a safety net in the event that one of these would ever slip through our system. We do not accept liability if these instances were to occur.

###