Win32/NetSky.D is a new Internet worm that is spreading via infected e-mails. The versatility of the worm, in terms of different subjects using methods to fool its recipients, may cause a massive epidemic. Several hundred samples have been received within the few hours since the outbreak according to Eset Software.
The virus arrives as an e-mail where the sender's address is spoofed and contains a variety of subject and message text asking the user to open an attached file. The attached file uses a double extension: some systems will only display the innocuous first one and hide the real .exe nature of the file. When opened, the virus pif file will rapidly replicate itself, slowing down computers and e-mail bandwidth.
The latest Netsky worm uses a variety of random subject titles (many starting 'Re: Your ...') and attached file names include: ll_document.pif, application.pif, document.pif, your_letter.pif, your_product.pif.
Once again, this worm represents a threat to the free flow of information over the Internet.