Risk: Medium
A worm, which poses as a version of classic computer game Tetris, is spreading across the net. The Cellery worm spreads across insecurely configured network shares and distracts infected users with a Tetris-like arcade game and a MIDI music tune while it scours network drives and attached computers for fresh victims. Few copies of the worm have been seen, so Cellery is a curiosity rather than a serious risk right now.
Packaging malware in games is an unusual but not unprecedented tactic for virus authors. The Bibrog worm posed as a shooting game, while the Coconut worm, written by the female Belgian virus writer Gigabyte, gave users the chance to throw coconuts at pictures of members of the computer security community, including Sophos's Graham Cluley.
Another worm doing the rounds this month demonstrates that virus writers are inventive when it comes to social engineering tricks. The Wurmark-D worm offers prospective victims an unconventional Happy New Year message in the shape of a photograph of naked bodies. Infected emails pose as seasonal greetings with a "screensaver" attachment that launches the image as well as infecting any Windows PC it is launched from. Upon infection the worm will search infected hard disks for email addresses to send itself to as well as disabling any antivirus protection.
Wurmark-D and Cellery infect Windows PC only. Standard defensive precautions apply: avoid opening unsolicited attachments, update AV tools to detect the worms, apply the latest Microsoft security patches and use a personal firewall.