Security Companies Quickly Defeated Kournikova

Apparently Anna Kournikova – the virus – had even less success than its namesake did on the pro tennis circuit this year.

Within hours of its release, the Anna Kournikova worm had been counteracted by dozens of widely available patches from many of the top security vendors. Sophos Anti-Virus, Norman Data Defense Systems, Microsoft, Trend Micro Inc., and Panda Software were among the first to release patches.

The worm itself was barely harmful. A simple VBScript that simply forwarded itself to every address in an infected user’s Outlook mailbox, the virus, known also as VBS/SST-A or VBS/Onthefly, also set the infected user’s Web browser to point to a site in the Netherlands on a certain date.

While the virus itself did little damage other than mischief, it is part of a growing trend of viruses spreading through insidious psychological means. The Anna Kournikova virus was “probably the biggest virus incident since [the] Love Bug,” according to Graham Cluley, senior technology consultant for Sophos Anti-Virus. The Love Bug appealed to users’ emotions, while the Kournikova worm had users’ more prurient interests in mind.

“This virus is the latest to exploit psychology to aid its spread amongst gullible users,” said Cluley. “Our message to computer users is simple – think with your brain, not with your groin.”

A virus that plays on (mostly young male) techies’ penchant for looking at online pictures of Anna Kournikova may seem like a mostly harmless prank, but the Kournikova worm is just the latest to cost organizations around the world money, time, and resources. A report by Computer Economics Inc. determined that the economic impact of virus attacks on systems around the world was $17.1 billion in 2000, with the Love Bug alone costing organizations $8.7 billion in network downtime, disinfection, and lost productivity.

“Unfortunately, there’s no silver bullet for security,” said Tim Kinnear, president and CEO of, a network security vendor. “You can’t deploy a one-shot solution and think you’ve solved the problem.”

Dozens of security teams, as well as law enforcement officials, helped to quickly quash the virus and its author, a Dutch hacker known as On the Fly. The 20-year old hacker was arrested on February 14, and in a statement on the Internet, reiterated what security professionals have stated all along, albeit in a backhanded manner: “But after all: It’s their own fault they got infected.” In a related incident, the author of the Vbs Worm Generator, the virus authoring tool used to create the worm, removed the application from his Web site.

“A feeble excuse on the Internet for why he did it won’t help the thousands of users who were infected by this virus,” said Cluley. – Isaac Slepner

About the Author

Scott Bekker is editor in chief of Redmond Channel Partner magazine.


  • Surface and ARM: Why Microsoft Shouldn't Follow Apple's Lead and Dump Intel

    Microsoft's current Surface flagship, the Surface Pro X, already runs on ARM. But as the ill-fated Surface RT showed, going all-in on ARM never did Microsoft many favors.

  • IT Security Isn't Supposed To Be Easy

    Joey explains why it's worth it to endure a little inconvenience for the long-term benefits of a password manager and multifactor authentication.

  • Microsoft Makes It Easier To Self-Provision PCs via Windows Autopilot When VPNs Are Used

    Microsoft announced this week that the Windows Autopilot service used with Microsoft Intune now supports enrolling devices, even in cases where virtual private networks (VPNs) might get in the way.

  • Most Microsoft Retail Locations To Shut Down

    Microsoft is pivoting its retail operations to focus more on online sales, a plan that would mean the closing of most physical Microsoft Store locations.

comments powered by Disqus

Office 365 Watch

Sign up for our newsletter.

Terms and Privacy Policy consent

I agree to this site's Privacy Policy.