AV Vendors Warn of Clinton Worm

A new worm masquerading as a visual joke about Bill Clinton represents the latest social engineering attempt by virus writers to get users to commit an old mistake.

Payload damage is potentially serious, but horrible spelling errors make it unlikely that any but the least sophisticated users will be affected, antivirus vendors say.

The official name is the Caricature e-mail worm (W32/Caric-A), and Sophos advises that the virus is in the wild.

The subject line is "bill caricature" and the attachment is named "cari.scr."

One particularly insidious touch is text at the bottom of the message declaring that has failed to find a virus in the attachment. Unfortunately for the virus writer, the subtlety is blown by the virus writer's inability to spell: "No viruse [sic] found."

Users foolish enough to run the attachment anyway will see a cartoon of Bill Clinton playing a saxophone with a bra emerging from it. The worm will then forward itself to everyone in the victim's address book.

According to, the worm may attempt to wipe critical system files at certain times of day after a system restart.

"Fortunately, the terrible spelling in this worm's message will leave well-informed users in no doubt that this email is one to be avoided. Those practicing safe computing should not be caught out," says Chris Wraight, a technology consultant for Sophos Americas.

About the Author

Scott Bekker is editor in chief of Redmond Channel Partner magazine.


  • Basic Authentication Extended to 2H 2021 for Exchange Online Users

    Microsoft is now planning to disable Basic Authentication use with its Exchange Online service sometime in the "second half of 2021," according to a Friday announcement.

  • Microsoft Offers Endpoint Configuration Manager Advice for Keeping Remote Clients Patched

    Microsoft this week offered advice for organizations using Microsoft Endpoint Configuration Manager with remote Windows systems that need to get patched, and it also announced Update 2002.

  • Azure Edge Zones Hit Preview

    Azure Edge Zones, a new edge computing technology from Microsoft designed to enable new scenarios for developers and partners, emerged as a preview release this week.

  • Microsoft Shifts 2020 Events To Be Online Only

    Microsoft is shifting its big events this year to be online only, including Ignite 2020.

comments powered by Disqus

Office 365 Watch

Sign up for our newsletter.

Terms and Privacy Policy consent

I agree to this site's Privacy Policy.