New Coronex Worm Exploits SARS Worries
Posted on 23.04.2003
Sophos has issued a warning of a new computer worm that takes advantage of growing concern over the biological SARS virus.

Known as W32/Coronex-A, the mass-mailer worm forwards itself to all contacts in Outlook address books and attempts to dupe innocent computer users into opening an attachment offering details on the current SARS epidemic. The Coronex worm uses a variety of subject lines, message bodies and attachment names to entice users into double-clicking including: "Severe Acute Respiratory Syndrome", "SARS Virus" and Hongkong.exe.

"The worm has been deliberately coded to exploit the public's genuine concern about SARS, and is just a further demonstration of the ways that virus writers attempt to use psychological trickery to spread their creations," said Graham Cluley, senior technology consultant for Sophos Anti-Virus. "It is important that people call this virus by its proper name, Coronex, rather than 'the SARS virus'. If they don't it will only add to the confusion and panic. In particular, anti-virus firms should act responsibly in the way they communicate news of this virus to the public by ensuring their products, alerts and press releases do not refer to this computer virus as 'SARS'".

"As ever the advice to users is simple: practice safe computing, keep anti-virus software up to date and patch against operating system vulnerabilities. This will dramatically reduce the risk of becoming infected by a new virus," continued Cluley.

Sophos recommends companies consider blocking all Windows programs at their email gateway. It is rarely necessary to allow users to receive programs via email from the outside world. There is so little to lose, and so much to gain, simply by blocking all emailed programs, regardless of whether they contain viruses or not.

More details of the Coronex worm are available at


eBook: Cybersecurity for Dummies

Posted on 16 December 2014.  |  APTs have changed the world of enterprise security and how networks and organizations are attacked. These threats, and the cybercriminals behind them, are experts at remaining hidden from traditional security while exhibiting an intelligence, resiliency, and patience that has never been seen before.

Weekly newsletter

Reading our newsletter every Monday will keep you up-to-date with security news.

Daily digest

Receive a daily digest of the latest security news.

Thu, Dec 18th