Virus poses as Christmas e-mail

Virus poses as Christmas e-mail

Security firms are warning about a Windows virus disguising itself as an electronic Christmas card. The Zafi.D virus translates the Christmas greeting on its subject line into the language of the person receiving infected e-mail. Anti-virus firms speculate that this multilingual ability is helping the malicious program spread widely online. Anti-virus firm Sophos said that 10% of the e-mail currently on the net was infected with the Zafi virus. Like many other Windows viruses, Zafi-D plunders Microsoft Outlook for e-mail addresses and then uses mail-sending software to despatch itself across the web to new victims. To be infected users must open up the attachment travelling with the message which bears the code for the malicious bug. The attachment on the e-mail poses as an electronic Christmas card but anyone opening it will simply get a crude image of two smiley faces. The virus’ subject line says “Merry Christmas” and translates this into one of 15 languages depending of the final suffix of the e-mail address the infected message has been sent to. The message in the body of the e-mail reads: “Happy Holidays” and this too is translated. On infected machines the virus tries to disable anti-virus and firewall software and opens up a backdoor on the PC to hand over control to the writer of the virus. The virus is thought to have spread most widely in South America, Italy, Spain, Bulgaria and Hungary. The original Zafi virus appeared in April this year. “We have seen these hoaxes for several Christmases already, and personally I prefer traditional pen and paper cards, and we recommend this to all our clients too,” said Mikko Hypponen, who heads F-Secure’s anti-virus team.