F-Secure on Newly Found Winevar Worm
The Winevar e-mail worm was found in-the-wild in Korea in the end of November 2002. Apparently it was released on purpose during the AVAR 2002 Conference (Anti-Virus Researcher’s Asia) in Seoul, South Korea.
The worm’s file is a Windows PE executable about 91Kb long. The worm was written in Microsoft Visual C++. It should be noted, that Winevar resembles Bridex worm that appeared earlier. The Winevar worm has many bugs that can cause damage to infected systems and limit the worm’s spreading.
F-Secure advisory on this worm: