A new virus is spreading. It seems to be rather Klez-like in that it will send itself out to spread using a random source and destination email address, so the address the message says it’s from it likely not the real person.
The worm appears to be harvesting email addresses and delivering them to an apparent spamming ring.
Please make sure your workstations and servers have updated their dat files in the last few hours, signatures are just becoming available. And remind users not to open any suspicious emails that may slip through.
More information on the virus is available at:
https://www.sophos.com/en-us/labs.aspx
Users of infotex’s Sifter Offsitefilter service are being protected by our virus engines, but it is still advisable to update local workstations. Details are still sketchy, the worm may have a component that could propagate via methods other than email.
Those of you using email services through our hosting servers should have all instances of the worm blocked via email as well by our antivirus built in to your hosting account.
Signatures have been put into place for our managed IDS users to detect local outbreaks.
We’ll update if significant new information becomes available.