Virus Alert: Europe resists NakedWife's charms

Anti-virus experts warn European companies of lewd email attachments

The virus masquerading as an image of someone's wife, which struck scores of US companies on Tuesday, has failed to reach European shores, according to anti-virus experts, who say that European computer users may have benefited from an early warning.

By Wednesday evening in the US, 68 organisations had reported being infected by the virus, anti-virus vendors said. According to McAfee UK, however, only one British company has so far succumbed to this naked lady's charms. UK-based anti-virus company, Sophos says that between 10 and 15 firms in Europe have been affected.

European product manager for McAfee, Jack Clark, says that because the virus began in the US, Europe was forewarned. "The direction it has come from has been useful," he says. "It has helped thwart the threat, and if people act now, we can stop this naked lady in her tracks."

Peter Cooper, head of IT support for Sophos, also says that this may be a significant factor in the spread of the virus across the continent. Both these experts, however, say that European companies should remain vigilant. "These things can still explode," says Clark.

The virus propagates itself in a similar manner to the Love Letter virus and the Anna Kournikova worm. "Unless users begin to exercise caution with e-mail attachments, virus writers will continue to be in the winning corner," warns Patrick Hinojosa, general manager and vice president of US anti-virus firm, Panda, in a statement.

The virus comes in an email from a known person, with a subject line that promises a rude picture: "My wife never looked like that :) Best Regards, (sender's Outlook username)."

It will only affect computer users running Microsoft Windows and Outlook as their email application. If executed, the attachment, NakedWife.exe, opens what appears to be a Shockwave window and displays the logo of a company called JibJab. It then attempts to delete files in the Windows and system directories with the extensions DLL, INI, EXE, BMP and COM, erasing critical system files and causing Windows to fail.

Anti-virus experts say that, because it has the power to cause Windows machines to crash, this virus poses a more significant threat than some other viruses. They also say that it may prove more attractive to many users because it enters the sender's name into the body of the message and launches an apparently real Shockwave file.

Take me to the Virus Workshop

Take me to ZDNet Enterprise

Have your say instantly, and see what others have said. Click on the TalkBack button and go to the Security forum.

Let the editors know what you think in the Mailroom. And read what others have said.