SCMP Thursday, February 15, 2001


'Anna' bug serves up trouble for Net users

JO BOWMAN and LYDIA ZAJC

A virus promising computer users a picture of tennis pin-up Anna Kournikova struck systems across Hong Kong and the world yesterday in the biggest global infection since last year's "Love Bug".
The bug, which raids victims' e-mail address books and sends itself to everyone there, greeted local office workers as they logged on in the morning. It had already swept across Europe and the US, spreading about twice as fast as the Love Bug, experts said.
"This virus is the latest to exploit psychology to aid its spread amongst innocent users," said Graham Cluley, senior technology consultant for Sophos Anti-Virus in Britain. "Pictures of Anna Kournikova are amongst the most popular on the Internet. Our message to computer users is simple - don't let unsolicited e-mail attachments lead you into temptation."
While the virus did not cause immediate damage to users' systems - unlike previous bugs that have deleted information or disabled terminals - it threatened to jam e-mail servers by sending mass messages. Recipients should delete the message.
The Swire Group, Siemens' local branch, public relations company Fleishman-Hillard and the South China Morning Post were among the Hong Kong offices hit.
A Hong Kong Government spokeswoman said no government systems had been infected with the virus, which has the subject line "Here you have;;o)" and carries the text "Hi: Check This!". An attachment called AnnaKournikova.jpg.vbs, which carries the virus, is designed to trick recipients into thinking they have been sent a picture of the star.
Hong Kong Computer Society spokesman and Yui Kee Computing consultant Allan Dyer said Net users were still falling into hackers' traps.
"People's memories are quite short; when the Love Bug hit, within the next couple of days we saw another 60-odd variants and none of those spread very well - in that time period, people were very sensitive about opening any attachments," he said. "But now it's almost a year later, the lesson has been forgotten."
Web company MessageLabs, which intercepted 3,000 copies of the message in an hour, said Britain, the US and the Netherlands had been hardest hit, and that the virus was spreading twice as quickly as the Love Bug.
MessageLabs' Asia-Pacific vice-president Nick Hawkins said it was human nature for workers to look first at personal messages before reading bulletins from their technology departments warning them not to open the message.
The Love Bug, which greeted recipients with the message "I love you" before raiding their address books, infected about 15 million computers last May and brought many mail servers to a standstill.