Only recently one of my clients sent me an e-mail containing an attachment. The text body
of the e-mail was brief, reading: Testing - Pretty Park.exe. The attachment was a small .exe
(executable) file, 37kb in size. This file was, in fact, a virus (of sorts) more commonly
known as a trojan horse
(one that is willingly accepted by the user and run without the understanding of
what it really is), or worm. These little nasties have a very effective way of propogating
themselves
via your e-mail and chat-room software, and can replicate themselves within 30 minutes
of arrival, appearing in the mailboxes of all your e-mail contacts.
The fact is, my client did not even know that he had sent me this file. He was simply
unfortunate enough to have inadvertently downloaded the Pretty Park trojan horse from
somewhere on the internet, or, more likely, was sent it from a similarly unsuspecting e-mail
contact.
This trojan horse is of a type referred to as a back door virus (although technically it is
distinctively different from an actual virus as such), and one of its features
is that it will literally allow an opening for other, less scrupulous people, to come onto your
computer via your on-line connection, and cause possible havoc on your hard drive. In fact, it
will send messages out to specific irc servers openly inviting such pirates to come aboard and
invade your computer. These people could, at worst, delete everything on your hard drive - at
the very least they may read your private mail and learn all your passwords.
Pretty Park will also, upon activation, select all the address book entries in your e-mail
software, and send them all the same message that I received from my trusted client, thus
ensuring its continual spread onto other people's computers.
Fortunately, there is both prevention and remedy for the likes of Pretty Park, Back Orifice,
Netbus and other back door nasties. The one I use and recommend is called Bo-Detect, and you
can download it from here. Installation is simple, as it will self-install when you double-click
on it - you need only specify where it is to be installed.
A word of warning, though - not all trojan horse detection software is genuine. One, called
Bo-Sniffer, is in fact the Back Orifice trojan horse in disguise, and, instead of
protecting you from invasion, will actually infect your computer.
My recommendation when downloading software from the net, is to stick with the larger, trusted
download servers such as ZDnet,
CNet
or Tucows,
or to download from the developer's own website,
ie Microsoft,
Symantec or whoever. Smaller, amateur
websites can usually be trusted, but there is a far
greater risk of obtaining viruses from such places. Secondly, never open an .exe file within
an e-mail attachment, even from a trusted friend, unless you are sure of what it is. Remember
too that viruses can hide in other documents, such as .zip and .doc files - be wary always,
and make sure that you have up-to-date
anti-virus software installed on your computer.
Would you like to download Bo-Detect to install on your computer?
Yes /
No
SEE ALSO: Pretty Park,
Back Orifice,
ExploreZip Worm,
MyPics Worm,
FunLove 4099,
Virus Hoaxes.