Security Companies Quickly Defeated Kournikova

Apparently Anna Kournikova – the virus – had even less success than its namesake did on the pro tennis circuit this year.

Within hours of its release, the Anna Kournikova worm had been counteracted by dozens of widely available patches from many of the top security vendors. Sophos Anti-Virus, Norman Data Defense Systems, Microsoft, Trend Micro Inc., and Panda Software were among the first to release patches.

The worm itself was barely harmful. A simple VBScript that simply forwarded itself to every address in an infected user’s Outlook mailbox, the virus, known also as VBS/SST-A or VBS/Onthefly, also set the infected user’s Web browser to point to a site in the Netherlands on a certain date.

While the virus itself did little damage other than mischief, it is part of a growing trend of viruses spreading through insidious psychological means. The Anna Kournikova virus was “probably the biggest virus incident since [the] Love Bug,” according to Graham Cluley, senior technology consultant for Sophos Anti-Virus. The Love Bug appealed to users’ emotions, while the Kournikova worm had users’ more prurient interests in mind.

“This virus is the latest to exploit psychology to aid its spread amongst gullible users,” said Cluley. “Our message to computer users is simple – think with your brain, not with your groin.”

A virus that plays on (mostly young male) techies’ penchant for looking at online pictures of Anna Kournikova may seem like a mostly harmless prank, but the Kournikova worm is just the latest to cost organizations around the world money, time, and resources. A report by Computer Economics Inc. determined that the economic impact of virus attacks on systems around the world was $17.1 billion in 2000, with the Love Bug alone costing organizations $8.7 billion in network downtime, disinfection, and lost productivity.

“Unfortunately, there’s no silver bullet for security,” said Tim Kinnear, president and CEO of, a network security vendor. “You can’t deploy a one-shot solution and think you’ve solved the problem.”

Dozens of security teams, as well as law enforcement officials, helped to quickly quash the virus and its author, a Dutch hacker known as On the Fly. The 20-year old hacker was arrested on February 14, and in a statement on the Internet, reiterated what security professionals have stated all along, albeit in a backhanded manner: “But after all: It’s their own fault they got infected.” In a related incident, the author of the Vbs Worm Generator, the virus authoring tool used to create the worm, removed the application from his Web site.

“A feeble excuse on the Internet for why he did it won’t help the thousands of users who were infected by this virus,” said Cluley. – Isaac Slepner

About the Author

Scott Bekker is editor in chief of Redmond Channel Partner magazine.


  • Microsoft Clarifies Project Cortex's Scope, IT Controls and Product Delivery in Q&A

    Microsoft recently offered a Q&A session on Project Cortex, its emerging "knowledge network" solution for Microsoft 365 users.

  • How To Use .CSV Files with PowerShell, Part 2

    In the second part of this series, Brien shows how to import a .CSV file into a PowerShell array, including two methods for zooming in on just the specific data you need and filtering out the rest.

  • Windows 10 Preview Adds Ability To Display Linux Distro Files

    Microsoft on Wednesday announced Windows 10 preview build 19603, which adds easier access to installed Linux distro files using Windows File Explorer.

  • Microsoft 365 Business To Get Azure Active Directory Premium P1 Perks

    Subscribers to Microsoft 365 Business (which is being renamed this month to "Microsoft 365 Business Premium") will be getting Azure Active Directory Premium P1 licensing at no additional cost.

comments powered by Disqus

Office 365 Watch

Sign up for our newsletter.

Terms and Privacy Policy consent

I agree to this site's Privacy Policy.