New Worm Steals User Data
A new Internet worm that steals information from users' computers and tries to shut down two Web sites is spreading.

The worm, Mimail.C, is a variant of the W32.Mimail worm that surfaced in August. The worm is been rated as "medium" level threat by major Anti-virus companies.

How does Mimail.C spread
Discovered on Friday, Mimail.C arrives as an e-mail nessage with "our private photos" in the subject line and an attached .zip archive file called "photos.zip."

The sender's address is faked to be "james" at the receiver's domain and the body of the message promises revealing photos of a girl at a beach, the antivirus vendors say.

Opening Activates
Infection starts when the recipient unpacks the "PHOTOS.JPG.EXE" file from the attachment and runs it. The worm will harvest e-mail addresses from the user's PC to mail copies itself to additional recipients. It will also send information captured from applications the user has open to certain e-mail addresses programmed into the malicious code, the antivirus companies say.