Virus experts at Sophos have reported that a new worm, Cellery-A (W32/Cellery-A), poses as a playable version of the classic Russian computer game Tetris as it attempts to spread across networks.
The Cellery worm, which gets its name from a message it displays saying ‘Chancellery’, makes changes to Windows settings to ensure that it automatically runs when the operating system starts up. Whilst the Tetris-like arcade game is running, the worm plays a MIDI music tune, and searches for other network drives and attached computers to also try and infect.
“This worm puts up the Tetris game as a smokescreen while it tries to hop from computer to computer across your network,” said Graham Cluley, senior technology consultant for Sophos. “If your company has a culture of allowing games to be played in the office, your staff may believe this is simply a new game that has been installed – rather than something that should cause concern.”
Cellery is not the first virus to allow infected users to play games on their PCs. The Bibrog worm posed as a shooting game, whilst the Coconut worm, written by the female Belgian virus writer Gigabyte, gave users the opportunity to throw coconuts at photographs of members of the computer security community.
“Computer users can stay ahead of the game by ensuring they have kept their anti-virus software updated,” continued Cluley. “With around a thousand new viruses being discovered every month it’s essential that everyone has systems in place to defend their data and computer infrastructure.”
Although there have only been a small number of reports of the Cellery worm, Sophos recommends computer users ensure their anti-virus software is up-to-date, and that companies protect themselves with a consolidated solution which can defend them from the threats of both spam and viruses.
Further details, and a graphic of Cellery-A can be found at: