Sircam hits FBI cybersecurity group

By Sam Costello July 25, 2001 2:26 pm PT

THE SIRCAM VIRUS has struck what may seem like one of the most unlikely places: The National Infrastructure Protection Center, the cybersecurity organization created by the U.S. Federal Bureau of Investigation, according to a Wednesday report by The Wall Street Journal Online.

The worm infected the PC of a researcher at the NIPC, and although it did not spread throughout the NIPC, Sircam did send eight internal documents marked "official use only" to outsiders, the Journal reported. The Journal also reported that no classified or sensitive information was released, according to FBI spokeswoman Debbie Weierman. Weierman did not return repeated calls for comment from the IDG News Service Wednesday morning.

Sircam is an e-mail worm that has been spreading at a speedy clip over the past week. The worm arrives as an e-mail in either English or Spanish bearing the message "Hi! How are you? I send you this file in order to have your advice. See you later. Thanks."

Sircam will either grab a document off the hard drive of the infected system and resend it when the worm spreads, thus potentially spreading sensitive or confidential files, or, in some cases, delete all files on the system's hard drive. When the attachment sent with an infected e-mail is double-clicked, the worm searches the PC's Windows Address Book for e-mail addresses and sends itself to all addresses listed there.

Sam Costello is a Boston-based correspondent for the IDG News Service, an InfoWorld affiliate.

http://www.infoworld.com/articles/hn/xml/01/07/24/010724hnsircamup.xml

-- Martin Thompson (mthom1927@aol.com), July 25, 2001