News

Hacker Claims Credit to 'Here You Have' Virus in YouTube Video

In a video posted to YouTube on Sunday, a hacker by the name of "Iraq resistence" has taken credit for the "Here You Have" e-mail virus and has stated the worm has "… affected NASA, Coca-Cola, Google and most American [companies]." 

The video, posted with a computerized female voice, cites America's foreign policy, specifically with regards to Iraq, for the reason behind the individual unleashing the malware into the public. The anonymous person also went on to criticize the U.S. media for calling the hacker in question a terrorist and not giving Terry Jones, the Florida preacher who had planned to host a Koran burning on the anniversary of 9/11, the same label.  

Written in Visual Basic and time stamped 9/3/2010, the malware sends out e-mails that provides a link to a supposed PDF file or video. The link then redirects users to an executable file that installs the virus and an autorun.inf file to local drives. Once installed, it attempts to disable any antivirus software and then sends e-mails to a link to the virus to all contacts in a user's Outlook address book.

According to a Microsoft Malware Protection Center (MMPC) blog posting, the worm has spread through many U.S. enterprises through their Outlook system.

"As more machines on a corporate network are infected, more and more e-mail is sent around on the local network, which can cause mail server performance degradation. The threat also sends back information about the compromised system, specifically IP addresses and system information via a built-in SMTP/ESMTP (mail-transfer) engine," Microsoft commented in the MMPC blog entry.

As of Friday, the link that leads to the malware has been deactivated. However, Microsoft warns the threat of corporate inboxes being filled by e-mails coming from corrupted computers is still taking place. They also point out that the majority of personal computer users have not been hit by the worm, with 98 percent of reported affected systems coming from "business environments."

The "Here you have" virus is very reminiscent of earlier malware sent through e-mail that was largely predominant ten years ago, like the "iloveyou" worm. However, unlike the 2000 virus that automatically installed on a user's computer when the e-mail was simply opened, the "Here you have" worm was accessed only by clicking on the link provided in the e-mail body.

About the Author

Chris Paoli is the site producer for Redmondmag.com and MCPmag.com.

Featured

  • Spaceflight Training in the Middle of a Pandemic

    Surprisingly, the worldwide COVID-19 lockdown has hardly slowed down the space training process for Brien. In fact, it has accelerated it.

  • Surface and ARM: Why Microsoft Shouldn't Follow Apple's Lead and Dump Intel

    Microsoft's current Surface flagship, the Surface Pro X, already runs on ARM. But as the ill-fated Surface RT showed, going all-in on ARM never did Microsoft many favors.

  • IT Security Isn't Supposed To Be Easy

    Joey explains why it's worth it to endure a little inconvenience for the long-term benefits of a password manager and multifactor authentication.

  • Microsoft Makes It Easier To Self-Provision PCs via Windows Autopilot When VPNs Are Used

    Microsoft announced this week that the Windows Autopilot service used with Microsoft Intune now supports enrolling devices, even in cases where virtual private networks (VPNs) might get in the way.

comments powered by Disqus

Office 365 Watch

Sign up for our newsletter.

Terms and Privacy Policy consent

I agree to this site's Privacy Policy.