Virus and Antiviruses

by William Crawford

It's not news, but I just got yet another piece of email generated by a Windows email virus. It's W32/Klez again.
What's interesting about this one is the message generated:

Content-Type: text/html;

W32.Elkern is a special dangerous virus that can infect on Win98/Me/2000/XP.
Sophos give you the special W32.Elkern removal tools

For more information,please visit

An install.exe file was attached to the email. The idea is presumably that my mother would receive this, assume that it's legitimate, and run the attachment. (My mother is too smart to fall for something like that, of course.) Sophos is a real antivirus company, of course, and their web site would say as much. They even underwrite National Public Radio and hence my morning commute. One would hope that their grammar would be a bit better than this, of course.

Of course, it's been a longstanding joke in the IT community that antivirus vendors create their own market. And Sophos (although apparently this variant uses McAffee, Symantec and others as well) has been particularly active in the scare mongering area. It's interesting to see this turn against them.


2006-03-17 03:17:49