Virus researchers have discovered a potentially dangerous new virus that deletes all files on an infected computer and also formats the machines C: drive.
The virus hasnt infected many computers yet, but Symantec Corp. has given it a High rating for both damage and distribution, meaning the potential for widespread infections is considerable.
JS.Gigger.A is a mass-mailing worm written in JavaScript and spreads by mailing itself to all of the addresses in a users Microsoft Corp. Outlook address book. The worm is also capable of spreading through mIRC.
Gigger is also network-aware, so that after it is finished with the machine it has infected, it searches for any networked or mapped drives and copies itself to them. The virus arrives in an e-mail carrying the subject line “Outlook Express Update” and an attachment named Mmsn_offline.htm.
The body of the message is “MSNSoftware Co.” Once the virus is executed it drops several files and modifies the Autoexec.bat file so that the C: drive will be formatted the next time the machine is restarted.
Gigger then installs a script file to enable it to spread via the mIRC chat client and creates two registry keys and modifies a third key. Lastly, it deletes all of the files on the local hard drive.