This worm was found on September 10th, 2002. As it contains serious bugs, the Chet worm will fail to function on most systems and can not be considered to be a major threat at this time. This advisory is published to prevent unnecessary hysteria on this worm.
The Chet worm tries to spread via an attachment file called 11september.exe. When this file is executed, the worm will attempt to send an e-mail to each address found from the Windows address book. The e-mail would always have "firstname.lastname@example.org" as the sender and "All people!!" as the subject.
The e-mail tries to explain that the attached "11september.exe" file contains proof of a conspiracy between US government and Al-Qaeda. However, if user executes the file, nothing visible happens while the worm tries to send itself to every e-mail address listed in the computers address book. This worm has apparently been written in Russia.
"This seems to be a poor attempt from a wannabe virus writer to exploit the commemoration of September 11th", comments Mikko Hypponen, Manager of Anti-Virus Research at F-Secure. "However, as the worm seems to crash regularily, it won't go far".
Detailed description of the worm is available at:
By subscribing to our early morning news update, you will receive a daily digest of the latest security news published on Help Net Security.
With over 500 issues so far, reading our newsletter every Monday morning will keep you up-to-date with security risks out there.