The virus, which emerged on May 18 and was programmed by its creator to expire and stop spreading on May 31, causes no serious damage. However, it is responsible for thousands of infectious e-mails to students that are falsely labelled as originating from “firstname.lastname@example.org.”
Director of Residential Computing Kevin S. Davis ’98 said the Harvard University Arts and Sciences Computer Services (HASCS) has been keeping track of the worm, but there have been no reports that the virus causes any harm to computers it infects.
“After the worm was released on May 18, the Harvard anti-virus server was updated with the latest anti-virus definitions, and students and staff could access updated anti-virus software for their protection,” Davis said.
The worm, known as “W32/Palyh-A” sends e-mails with a variety of subject lines.
The worm copies itself to the Windows folder, takes any e-mail addresses it finds on the hard disk and then sends itself out to those e-mail addresses.
Representatives from anti-virus companies think the worm managed to spread primarily because the e-mail message appeared to originate from Microsoft. The attached virus was also a “.PIF” file—an unfamiliar file extension that may have caught the curiosity of computer users and tempted them to open the attachment.