<BLOCKQUOTE><font size="1" face="Verdana, Arial">quote
The latest variant of the Klez virus started spreading 10 days ago. The virus e-mails itself from infected machines using a bogus "From" address randomly plucked from all e-mail addresses stored on an infected computer's hard drive or network.
Someone else’s machine, Van.
<BLOCKQUOTE><font size="1" face="Verdana, Arial">quote
Recipients of the virus-laden e-mails, not understanding that the "From" information is virtually always phony -- or even that they have received a virus -- have been clogging networks with angry and confused e-mails that are causing a great deal of cyber-havoc.
Not even from whom the email says it’s from.
Here’s how one infectee reported it:
<BLOCKQUOTE><font size="1" face="Verdana, Arial">quote:</font><HR>We are not infected with the Klez virus. We don't know if you are infected with the Klez virus. You may be. But even if you are not, someone out there who is infected has both your address and our address on their computer ... and therein lies the problem," the explanation reads, in part.
In some cases, it almost seems as if Klez is specifically targeting particularly vulnerable e-mail addresses onto which it can piggyback. <HR></BLOCKQUOTE>
And…
<BLOCKQUOTE><font size="1" face="Verdana, Arial">quote
… tracing information indicates the e-mails were actually sent from an Internet service located in the United Arab Emirates.
Oh!
<BLOCKQUOTE><font size="1" face="Verdana, Arial">quote
Some users have even reported receiving spooky e-mails from deceased friends.
Oh, oh!
Here’s your meat, Van
<BLOCKQUOTE><font size="1" face="Verdana, Arial">quote:</font><HR>Klez e-mails' subject lines are randomly chosen from a pre-programmed list of about 120 possibilities, including "Let's be friends," "Japanese lass' sexy pictures," "Meeting Notice," "Hi Honey" and "SOS." Klez also sends fake "returned" or "undeliverable" e-mails, advising the supposed sender that their original, refused e-mail is contained in the attachment. Clicking on the attachment triggers the virus.
The virus can launch automatically when users click to preview or read e-mails bearing Klez on systems that have not been patched for a year-old vulnerability in Internet Explorer, Outlook and Outlook Express. Klez only affects PCs running Microsoft's Windows operating system.<HR></BLOCKQUOTE>
And typically Microsoft Outlook and Microsoft Outlook Express are always the ones who get hit and hit hardest with these worms. Although other mailers and address books may not be impervious, Worms sure do love Microsoft!!!
------------------
Allen Moulton from
Uechi-ryu Etcetera