JS/IllWill virus (http://vil.nai.com/vil/content/v_99242.htm). I have received about 100 of them today sent to various users, all with blank subject lines and the virus attached as a zip file. The odd thing is that it doesn't appear that this one is transmitted generally via email, usually it is transmitted via a web page. So I thought that it was being sent manually by someone but I have gotten them from all over not just a certain IP or domain.

It looks like McAfee has misdiagnosed the name of it. It is really called W32.Beagle.AO@mm (http://securityresponse.symantec.com/avcenter/venc/data/w32.beagle.ao@mm.html) by Symantec and others.

Here (http://www.msnbc.msn.com/id/5652313/) is more info.

I got a ton of them yesterday - all with spoofed "froms", people that I know. What scares me is they got through Earthlink's virus filter (which is Symantec) but my NAV 2K3 caught them all. Thank god for automatic live update.

My Norton was updated using intelligent updater 24 hours previous and live update was enabled, still two e-mails got through undetected. It is fortunate that I have been reading regularly and recognized them as a new virus.

I have been a Norton user for some time now and have had this happen twice in the past year. I just switcehd to NOD32 on the advice of several other forum members. I'm not knocking Norton. It has been good to me and I have not been infected with any viruses lately but the possibility of someone less knowledgable having opened one of these e-mails was enough to get me a little concerned.

I have trained everyone in my home to open NOTHING with an attachment unless they KNOW what it is. But still...

Two undetected e-mails with everything supposedly updated.


Gots to stay on top of this stuff.



-Kev

No matter what AV you use, there is going to be a lag time between initial infection and detection and consumer update availability - the real measure of efficiency is the amount of lag - I predict that for everyone these lag times will increase somewhat as the Virus writers get better and the intial version is analyzed. Of course on subsequent variants I do not see this as an issue (or better not!).

Good point. The first line of defense is user awareness. If I had not been using safe web habits and had my own mind updated on the latest threats I could have easily been infected.

User knowledge and awareness of threats is even more important than updated programs.


-Kev

I prescreen my mail using the Earthlink web interface before downloading - this way I can tag the spam as spam. I noticed a crapload of these sitting in the inbox when I got home - all with .zip attachments. I downloaded them just to see what they were - and Norton stripped every one on the way in.