The newly discovered Shockwave virus appears to be doing less damage than originally feared because business users and other intended victims may finally be getting better at dealing with such threats, security analysts say.
The virus, which disguises itself as a Shockwave file attached to an email message from someone familiar to the recipient, was first reported last Thursday by several vendors of anti-virus software.
The file containing the virus is named creative.exe, and the email includes this short message: "Check out this new flash movie that I downloaded just now...It's great. Bye."
When a user double-clicks on the attachment, the virus copies itself onto the victim's system and sends new copies of itself via email to all the names contained in that person's Outlook address book.
The virus doesn't delete any files but will move and rename some graphics and zip files, according to analysts.
Though security firms were quick to put the virus in the high-risk category because of its capability to mass-mail copies of itself, some analysts and antivirus vendors say the actual damage caused by the virus appears to have been minimal so far.
"We believe the worst is already over," says Paul Robertson, a senior developer at US-based TruSecure. Though there were several reports of businesses being infected by the virus late Friday afternoon and early Monday morning, the situation has eased considerably since then, he says.
"It speaks to the fact that administrators are getting used to dealing with these kinds of threats," Robertson says. For example users can avoid being infected by following basic security procedures such as applying all the recommended patches for the software products they use, regularly updating anti-virus software, and blocking certain kinds of attachments from entering business networks.