-We're not rating it as high risk," David Banes, region manager of Symantec security response told ZDNet Australia. -It doesn't replicate itself, you have to request the file from someone's PC. It's a manual replication.
The new worm, labelled W32.Benjamin.Worm on the Symantec Web site, is the first worm to use the Kazaa file-swapping service as a vector. It opens a network-accessible folder on the infected user's computer and fills it with copies of itself under different names, such as Age of Empires-Games-full-downloader, American Pie 2 -divx-full-downloader, and Metallica - Blackened. It also changes its size by adding random text to the end of the file.
Symantec reports receiving 19 submissions of the worm over the last couple of days, from just a few sites. -It's not a lot, but it's enough that we're doing a more detailed analysis," Banes said.
The worm is considered a low threat because of the manual replication method, and ease of containment and eradication.
Hi,
just to let you know, we got Benjamin worm through Kazaa probably, we have about 5.000 infected files out of 30.000. We love Kazaa, it seems one of the best softwares of its kind but the Benjamin virus is a threat to us. Should we delete Kazaa in order to protect our notebook?
Regards,
Kat