Go to Home Page GuidesHow to ArticlesReviewsForumsFrequently Asked QuestionsNewsLinksPotpourri

Site Search

 

The Sircam Virus/Worm
Last updated: 9/5/01

9/5 SirCam Worm Still a Serious Threat. The problem is that so many average Joes continue to spread the infectious code because they haven't updated their antivirus software.  I still get many SirCam infected messages...

8/6 SirCam Worm Determined to Stick Around

7/28 (updated) The Sircam Virus/Worm is for Real!  This is a nasty virus that is spreading all over the Internet and can destroy your data.  My inbox continues to receive infected mail and many repeated mailings from people who probably do not realize the messages are being sent and do not know that the virus is randomly choosing files from their computer and sending them to the world.  I have tried to contact the originators of these messages, but many have full mailboxes or invalid E-Mail addresses.  I have tried to trace the E-Mail from those people and to contact their ISPs, but have not been successful in all cases.  Please update your anti-virus program and scan your mailbox!  The most recent McAfee, which I use, works well.  Some versions of Norton have problems and need another update, which I understand is now available.  Click here for more information.

7/28 You Have Not Seen the Last of SirCam. Antivirus experts expect the SirCam virus to take a breather over the weekend, but it may pick up new steam as vacationing Europeans return to work Monday.

7/27 Sircam Virus Eludes Symantec Anti-virus Scanning Update. "The uniqueness of Sircam is something we haven't seen before -- it supplies its own SMTP server." said Miller. "It doesn't use the existing SMTP infrastructure, so it eluded some of our detections."  More here.

7/25 Sircam Virus Removal ToolDeletes the files infected with the Sircam worm and removes the changes that were made to a computer by the virus.

7/25 How to Protect Your PC From the SirCam Worm

7/25 Hotmail Fails to Block SirCam Worm

7/25 SirCam Worm Snatches FBI Documents. A cybercrime researcher at the FBI slipped up while handling a virulent Internet worm, allowing it to e-mail official documents to outsiders.  An added twist with this particular worm is that it sends a random file from the infected computer's hard drive, which means the worm could potentially send confidential business data or embarrassing personal information along with itself.

7/24 (updated) The Sircam Virus/Worm is for Real!  So far, I have received over 20 messages with the virus and have lost count.  The text of the message propagating the worm as an attachment contains:

Hi! How are you?
I send you this file in order to have your advice
See you later. Thanks

The text may be in Spanish (see below).  This is a nasty virus that can destroy your data.  Do not open the attachment.  Symantec has more info and instructions for getting rid of it.

For Apple users... E-Mail from tidbits.com

"Larry's right - this one is a nasty one for PC users (it doesn't
affect Macs, other than to be annoying with all the downloads). We've tried to block some of the attachments at the mail server, but it's  fairly likely that you'll get a few of these. The text of the message
may also be in Spanish.  From what we've seen, they tend to have two filename extensions, like .doc.pif or .xls.com. The second one is designed to make the file executable. The best thing to do is just delete the messages and their attachments, but see the page Larry references for full details.

cheers... -Adam"

SirCam Clogs Mailboxes, Spreads Secrets. The SirCam worm continued to gain momentum, carrying with it the potential to slow servers and send company secrets.  SirCam sends a random file from the infected computer, potentially sending confidential business data or embarrassing personal information along with the virus... memos, resumes, job listings, credit card numbers...The subject line matches the name of the file being sent...

Sircam worm spreading; vendor warnings upgraded

Copyright, Disclaimer, and Trademark Information Copyright © 1996-2006 Larry F. Byard.  All rights reserved. This material or parts thereof may not be copied, published, put on the Internet, rewritten, or redistributed without explicit, written permission from the author.