The Sircam Virus
The Sircam Virus
Membrane.com Staff Writer
July 26, 2001
A newer virus called "The Sircam Virus" has been
spreading at an alarming rate. In fact, our security
staff has never seen a virus with such a devastating
We've seen more cases of the Sircam Virus than the
Snow White, I Love You and Anna Kournikova viruses combined.
-- Daniel Brouse, Security Advisor, InternetU.org
The worm uses Windows' Outook Express Address Book to
send the virus, as well as, personal information
from the infected computer.
[Since this article was published, new mutations of the virus have
been found to attack other email clients, such as, Eudora.]
The worm will also try to look for e-mail addresses on
other parts of the computer.
If the infected computer is set-up with an e-mail account,
the worm will send out the virus whenever it is connected
to the Internet. The subject line and the file name
of the virus changes each time it is sent out. However,
the body of the email message usually starts the same way:
Hi! How are you
I send you this file in order to have your advice
See you later Thanks
Hola como estas
Te mando este archivo para que me des tu punto de vista
Nos vemos pronto gracias
What Sircam Does
Sircam causes at least three types of devastation.
- Personal security and privacy -- the owner of the infected
computer is faced with severe liability issues.
(The "owner" of
the infected computer is likely attacking other
computers, sending out other people's personal
information, hindering other businesses' activities,
to mention a few potential costs.)
- On October 16, one out of every 20 infected computers
will have their drive containing Windows deleted.
- On any other given day, one in 50 infected computers
will run a program that fills up the harddrive until the
What To Do If You Have Sircam
- Do not connect to the Internet.
- Boot the infected computer with a clean
DOS start-up floppy disk.
- Run F-prot (or other current virus
- Attempt to apologize to all those you
have sent the virus to and offer to help those
that you have infected.
No one is sure that these viruses aren't leaving
remnants behind. The only way you can know
for sure is to throw away the machines. The next
best alternative would be to reformat the harddrive
and re-install the operating system.
-- InternetU.org Security Dept.