ExploreZip stings Marine Corps HQ
October 22, 1999
By D. Ian Hopper
The worm that infected computers at the Marine Corps headquarters at the Pentagon early Friday was ExploreZip, an especially malicious virus that typically travels by e-mail, according to a Marine Corps spokesman.
Symantec Corporation told CNN that Marine personnel called a technical support line at Symantec to report the outbreak.
The outbreak affected unclassified documents, and did not impact any command or control capability, Maj. Dave Lapan said. The outbreak was attributed to a user opening an infected file attachment.
"Basically it was an inconvenience to the users who were affected. It just illustrates the hazards of opening files from unknown sources," Lapan said.
The Marine Corps has since restored all lost files from backups.
The ExploreZip worm replicates itself by mailing itself out to unread messages in Microsoft Outlook, Outlook Express and Exchange. It also searches mapped network drives and other networked computers for installations of Windows. Once found, it copies itself into the Windows directory of the remote machine, according to the Symantec AntiVirus Research Center.
The program then destroys a host of files based on file extension, specifically targeting C language code files, Microsoft Word, Excel and PowerPoint files, among others. Rather than simply deleting files - which could then be undeleted - the worm resets the file size to zero bytes, making them much more difficult to recover.
In June, an ExploreZip outbreak infected computers at many large businesses, including AT&T, Microsoft, Boeing and General Electric.
The worm was first discovered in Israel, and was submitted to Symantec in June. It can be removed using popular anti-virus programs with updated virus definition files
Melissa spawns dangerous offspring
|Back to the top||
© 2001 Cable News Network. All Rights Reserved.|
Terms under which this service is provided to you.
Read our privacy guidelines.