VBS.VBSWG.Z Worm (aka MAWANELLA)

New internet worm started spreading yesterday and hit thousands of companies worldwide. The worm is coded in Visual Basic Script language and is spreading via MS Outlook messages within the "Mawanella.vbs" attachment.

Althought the worm is encrypted to bypass heuristic scanners, NOD32 technology is ahead of the game and detected the worm the very same moment it appeared in the wild. No update of the virus database was/is required and necessary.

If you receive message with "Mawanella" in the Subject line, delete the message after the Virus Alarm set by NOD32 POP3 antivirus e-mail filter is triggered. Political message of the infection is clear from the text of the message: "Mawanella is one of the Sri Lanka's Muslim Village".

Computers without effective antivirus protection with Windows Scripting Host installed may cause further spread of the infection by means of infected e-mails sent to all addresses in the MS Outlook address book repeatedly, whenever the worm is executed.