A new variant of the Netsky worm was spreading very quickly on Monday. The news comes on a day where firms are already dealing with five new variants of the Bagle worm.
Previous Netsky worms scanned the hard drives of infected computers to collect e-mail addresses, which were then used to spread the worm via a built-in SMTP e-mail engine. The worm also copied itself to any shared folders it discovered. The latest variant is different because it does not copy itself into a "shared" folder and is slightly smaller in size.
However, the worm is spread as an executable attachment and will cause infected computers to play a series of beeps from their PC speakers between 6 a.m. and 8.59 a.m. on March 2.
Graham Cluley, a senior technology consultant for Sophos, told ZDNet UK that Netsky.D is already filling up e-mail gateways and is expected to get much worse before it gets better. "We are getting reports from companies that thousands of copies of the virus have started clogging up their e-mail systems--in a similar way to the Sobig virus last year," he said.
According to Cluley, these types of worms are as much of a spam problem as they are a virus problem: "The main problem this kind of virus causes is it turns your e-mail connection into porridge because it clogs it up. Even if you are stopping the virus at your gateway, your gateway has to churn through all this extra e-mail it is suddenly receiving," he said.
Cluley said the worm will spread even more as the United States "wakes up" and Americans start turning on their PCs. "America has just woken up and will be opening its inboxes, and hopefully won't be double-clicking on the attachment, but we anticipate the worm will increase in its prevalence over the coming hours," he said.
Finnish security company F-Secure has given Netsky.D its highest alert (Level 1) because the worm continues to spread at "almost record-breaking speeds".