German gov't group warns of Y2K attacks

A German government organisation responsible for IT security is warning users that computer viruses, Trojan horses and dangerous e-mails are on the rise as 2000 approaches.

The end of the year always provides a good excuse for malicious parties to send out programs with damaging functions, the Bundesamt für Sicherheit in der Informationstechnik, (BSI), said in a statement yesterday.

"In the cold, dark part of the year, malicious programmers have more time to program," said Frank Felzmann, a security expert with the BSI, today.

In particular, BSI is warning users against opening electronic Christmas cards sent as e-mail attachments, which often hide malicious programs that do their damage unseen. Hackers have easy access to special programs that enable them to attach viruses to harmless e-mail attachments, Felzmann said.

Also back in circulation this holiday season is Happy99, Felzmann said, delivered via an attachment with a fireworks display. The virus sends copies of itself to the same newsgroups and e-mail addresses that an infected user is sending to.

Other malicious programs are sent under the pretext of making a home computer year-2000 compatible, BSI said.

One such program is Y2KCount, a Trojan horse disguised as a Y2K tool from Microsoft C that installs itself in computers with Windows 95 and 98 operating systems, and then monitors the user's Internet usage. A Trojan horse enters a computer unseen, but, unlike a computer virus it cannot spread itself.

Another, more dangerous virus is Fix2001, BSI said. Fix2001 is an Internet worm disguised as a year 2000 tool that can, under certain conditions, destroy the hard drive of the computer it inhabits. A worm is a kind of virus that "worms" its way into a part of your computer where it can do major harm.

Before running any Y2K fix program, users should carefully check their source, BSI said.

The BSI also warns against falsified e-mails using the millennium changeover as an excuse to obtain sensitive information about the user. Posing as an ISP, senders of these e-mails ask users to surrender access data, or bank and credit card information. A number of such e-mails have been sent under the ruse that if the receiver doesn't send the information, he or she will experience Y2K-related computer problems and lose their Internet access, BSI said.

Viruses spread via e-mail attachments have become increasingly common this year, according to security experts. According to a survey carried out by the International Computer Security Association (ICSA), 56 percent of infections this year were attributed to e-mail attachments compared to 32 percent last year.

BSI can be reached at http://www.bsi.de/.