In an embarrassing episode that underscores the continued risks associated with sharing online media, Google acknowledged that it inadvertently e-mailed postings to some 50,000 users that contained the Kama Sutra virus.
Google said that late Tuesday, three posts to its Google Video Blog group should not have been distributed. Some of those posts may have contained the mass-mailing worm, which is also known as "W32/Kapser.A@mm."
The search giant revealed the mix-up in a posting to its Video Blog site and recommended that users who believe their PCs could have been infected run updated virus scans. Most major antivirus software is capable of recognizing and filtering the worm.
"We're sorry for any inconvenience, and we're taking steps to ensure that this doesn't happen again," the message said. It was not known whether any users' machines had actually been infected by the worm.
Google's message also linked to the free Norton AntiVirus software available through the Google software pack.
The public blog e-mail list has a little more than 50,000 members, according to Google. Users sign up to be notified when interesting video links and clips are posted and receive periodic e-mails. Google did not say how the error occurred, but it appears the postings were added to the outgoing message by a Google employee.
It is no big deal actually The Kama Sutra worm got its nickname because it most often spreads under the guise of being pornographic images. When users click on a link in an e-mail, however, they instead download the worm, which seeks to replicate and send itself to as many additional users as it can. The original design was for the worm to also overwrite some key files on a user's PC, but the virus often doesn't work as planned.Google is no stranger to the types of mistakes -- often derived from human error -- that can occur thanks to the Internet.
Kama Sutra had the potential to be far more damaging than it was, with the payload of the virus including overwrite functionality that could have wiped out key files. The worm was believed to have been written to become active on a certain date, such as the third day of each month, but the threat has not materialized as feared.
The original virus appealed to Internet users' prurient interests, said Graham Cluey, senior technology consultant with Sophos , as it included subject lines suggesting the e-mail contained naked photos of someone's wife. "The worm was built to feed on people's willingness to receive salacious content on their desktop computers," he claimed.
Having the payload apparently delivered by a trusted third party such as Google adds a new wrinkle to the mix, however. Users are likely to have their guards lowered when they receive an e-mail from Google, Cluey noted. Still, the outbreak and the Google incident help to underscore the importance of keeping antivirus software updated.
0 comments:
Post a Comment