Spies hit Disney? No, just Melissa

Melissa virus leaks internal company memo to press corps. This time, there's nothing to embarrass the company

The Melissa virus was behind an email spam from Walt Disney Co. Wednesday. Disney inadvertently spammed a host of press members on Wednesday with an internal memo, because the Melissa.A virus, which had infected the memo, mailed out the attachment to a list of people from the company's address book.

The memo -- from Disney Vice Chairman Sandy Litvack -- described policy changes in the dates that employees (called "cast members" in Disney-speak) could attend the company's trademark theme parks for no charge.

While the incident doesn't appear to have caused any harm, it underscores the potential for computer viruses -- especially macro viruses -- to not only damage data, but to inadvertently publicise it as well.

"There is a danger that any type of virus that sends out email, especially macro viruses, could do something like this," said Darren Kessner, a senior virus researcher at Symantec Corp.'s Anti-virus Research Center.

The Melissa virus, which struck late last March, spawned a number of copycats, including Melissa.A -- the variant that hit Disney. When an infected document is opened, the virus infects the Word template file -- the starting point for all new Word documents -- and mails the currently open document to the top 50 addresses in the Microsoft Outlook address book.

Systems that are set to 'med' or 'high' security will notify the user that a macro is being run. Those systems that do not use Microsoft Outlook as a mail client will not send out the mass emailing. The variant does not destroy any data on the infected system.

However, if a document is created on an infected system, mailed to another user, and opened with Microsoft Outlook, the new document will be sent to the top 50 addresses on the new system. This appears to be what happened with the Litvack document.

Erik Wedin is one of two Disney employees who inadvertently sent out the infected document to a large number of press members. In an email message to ZDNN, Wedin insisted that Disney uses anti-virus software. "Our I.S. team is trying to figure out why (the virus) wasn't caught," he wrote.

"It's amazing that they didn't have more up to date anti-virus software in place," said Symantec's Kessner.

While the incident highlights the danger of viruses causing information leaks at companies, Kessner downplayed the danger of viruses being intentionally used for industrial espionage. "This is not the best way," he said. "Furthermore, most virus writers are not interested in the information they can get. They are more interested in getting their name out."

Take me to the Melissa Virus special

Take me to the Virus Workshop

Take me to Hackers