W32.Alco.gen


Aliases: W32.Alco, W32/Generic.a@MM, Win32:Goner-B
Variants: Email-Worm.Win32.FreeTrip.d, I-Worm.FreeTrip.d, Win32.Alcaul.AQ@mm, Worm Generic, Win32/GonClean.A

Classification: Malware
Category: Computer Worm

Status: Dormant
Spreading: Fast
Geographical info: N/A
Removal: Easy
Platform: W32
Discovered: 29 Jan 2002
Damage: Low

Characteristics: The W32.Alco.gen malware is a type of mass mailing Worm.

More details about W32.Alco.gen

Consistent with the characteristics of these types of threats, it makes use of the address book to find potential targets where it can spread its codes. Sending of email messages are normally done without the knowledge of the account owner. Microsoft Outlook being the default email client of the Microsoft Windows Operating System platform normally becomes the target of mass mailing Worms like the W32.Alco.gen malware. This however does not mean that other email clients are safe from infection. In fact, what is really being targeted by the W32.Alco.gen program is the Windows Address Book where it can harvest all stored email addresses. In some instances, it has been seen that even Internet Relay Chat accounts have been infected to spread the malicious codes faster.

In majority of instances, the W32.Alco.gen program takes over the personality of the account owner to give the spike email message a semblance of authenticity. This also makes it easier to make the recipient launch an obviously malicious file attachment. The main defense mechanism for mass mailing Worms like the W32.Alco.gen program is that they generate multiple copies of themselves across various locations of the hard drive. In systems with multiple hard drives, the possibility of infection spanning multiple volumes is not far fetched. Considered as a low level threat, the W32.Alco.gen program delivers a payload of being more an annoyance rather than corrupting any files.