ORANGE ALERT: Zafi.D is spreading rapidly and is already the virus most frequently detected by Panda ActiveScan

- Virus Alerts, by Panda Software (http://www.pandasoftware.com)

MADRID, December 15, 2004 - According to data gathered by the free online antivirus Panda ActiveScan, the Zafi.D worm, which appeared just yesterday, is already the most frequently detected virus around the globe, mainly in South America and Europe, where the most affected countries are Italy, Spain, Bulgaria and Hungary.

This worm spreads in a file attached to email messages containing the text Happy holidays! As we are in the run up to Christmas, users are sending millions of greetings via email, which is helping Zafi.D to spread widely and rapidly.

To prevent this worm from continuing to spread, especially through computers that do not have adequate anti-malware protection installed, Panda Software has released its free PQREMOVE utility, which detects and eliminates Zafi.D from all the computers it may have infected.

This tool can be downloaded from: http://www.pandasoftware.com/download/utilities.

Zafi.D is a multi-lingual worm, as it can adapt the language of the message to the domain of the email address it is being sent to, for example, a German-speaking user will receive the message in German. This significantly increases the capacity of this worm to spread.

"Zafi.D is a typical example of a worm that takes advantage of important dates to spread as widely as possible. This has happened in the past, and therefore, we were not surprised when it emerged. However, Zafi.D uses social engineering effectively, above all in adapting the message to the recipient's language, who will not be surprised to receive Christmas greetings from companies, family and friends which include an animation," explains Luis Corrons, head of PandaLabs.

What's more, Zafi.D can be used to gain control of affected computers, as it opens a backdoor in affected computers through a communications port. This allows an attacker to connect to the port and gain remote control of the affected computer.

Due to the high possibility of being infected by Zafi.D, Panda Software advises users to take precautions with any email messages they receive and to update their antivirus software.

Panda Software has made the corresponding updates available to its clients to detect and disinfect this new malicious code.Panda Software clients who already have the new TruPrevent Technologies installed have been protected since the worm first emerged, as these preventive technologies have been able to detect and block

Zafi.D without needing to be able to identify it first (more information about the new TruPrevent Technologies at http://www.pandasoftware.com/truprevent).

Users can scan their computers online for free with Panda ActiveScan, available at http://www.pandasoftware.com/For further information about Zafi.D, visit Panda Software's Virus Encyclopedia at: http://www.pandasoftware.com/virus_info/encyclopedia/overview.aspx?idvirus=56161