Klez (computer worm)
| Klez | |
|---|---|
| Surname | Klez |
| Known since | 2001 |
| Type | Email worm |
| Other classes | Network worm |
| Authors | Unknown |
| Memory resident | Yes |
| distribution | Exploits, emails |
| system | Windows 95, 98, NT 4.0, ME, 2000 and XP |
| programming language | Can manipulate anti-virus software |
Klez is a computer worm from 2001. It spread through files attached to e-mails and infected Windows operating systems in order to read out personal data, especially e-mail addresses, and use it to spread even further. It also acted as a spam thrower by distributing large quantities of unwanted files from the recipient. A few months after its first appearance in October 2001, the Klez virus practically played no role anymore because the anti-virus programs discovered it and Microsoft closed the security holes relevant to the intruder.
Mode of action
Klez penetrated the PC via the Internet via the e-mail program Outlook or the Internet Explorer web browser (under the Windows 95, 98, NT 4.0, ME, 2000 and XP operating systems). He disguised his origin and read data from the e-mail or chat programs unnoticed . He used the addresses obtained in this way to send new mails (unnoticed by the user) to his friends and acquaintances, with the worm as an attachment. In order to remain undetected for as long as possible, Klez also changed the detection mechanisms of the antivirus programs common at the time , by deleting virus signatures or program files, for example.
Removing the worm
In order to remove the Klez worm, the computer should be disconnected from the Internet and started and disinfected from an uninfected medium (such as the original Windows CD) because of the possible infection by malware protection programs .
Web links
Individual evidence
- Jump up ↑ A new variant of the Klez worm. April 18, 2002, accessed April 27, 2019 .