An Internet-worm invades computers from an infected web page

01 Jul 2000
Virus News

Kaspersky Lab Int. Warns to Be Careful Using the Internet!

Cambridge, UK, July 2, 2000 - Kaspersky Lab Int., an international anti-virus software development company, announces the discovery of a new Internet-worm "Jer", which has an ability to penetrate computers at the moment users visit infected web pages.

"The worm is not so dangerous compared to such deplorably known monsters as "Chernobyl" or "Melissa". Also, it has some errors that enable a spreading routine only using IRC channels, but not e-mail. If there were not such primitive, errors the world would face yet another global epidemic comparable to "LoveLetter," said Eugene Kaspersky, Head of Anti-Virus Research at Kaspersky Lab. "However, the appearance of this worm demonstrates the new technology of "promoting" viruses on the Internet. Firstly, the virus is placed on a web site. Then its owner carries out an aggressive promotional campaign to attract more users to this site. This has an eye to at least several dozens of many thousands of new visitors, who will pass the virus on to their computers".

The "Jer" worm uses a primitive, but very effective way of penetrating computers. A web site contains a script-program (the worm itself), which is automatically executed after a user opens an infected HTML page. Then a user receives a warning from the system whether to accept this unknown script or not. This method exploits so-called "mind breaches": to avoid this annoying message a user will answer "yes".

Right after this moment, the worm will be passed on to the computer.

This is exactly the same way on July 2 the "Jer" author placed the worm on a web site within the Geocities community. It had an inviting title saying: "

Protection against the "Jer" worm has already been added to the upcoming daily update of AntiViral Toolkit Pro (AVP).

You can purchase AntiViral Toolkit Pro online via the Internet.
Technical Details