Nurech.B arrives in emails with subject lines such as 'Happy Valentine's Day', 'Valentines Day Dance' and 'The Valentines Angel'.
The email 'sender' is always a woman's name such as Sandra, Willa, Wendy or Vicky, PandaLabs reported.
An attachment simulates an e-greeting card using file names like 'Greeting Postcard.exe', 'Greeting card.exe', or 'Postcard.exe'.
When users click on the attachment it creates a copy of the worm on the hard drive, and then conceals its presence using rootkit-like functions.
The worm also disables certain antivirus, anti-spyware, and security applications installed on the system.
Luis Corrons, technical director at PandaLabs, said: "The objective is to trick users into opening the attachment using enticing subject lines related to the romantic holiday.
"This type of trick is usually quite successful, so we strongly advise users never to open any attachment that they have not requested, regardless of what it seems to contain."
Nurech.A launched last week using similar methods and continues to spread, maintaining an 'orange' alert level, according to Panda Labs.
_(36).jpg&h=140&w=231&c=1&s=0)
_(33).jpg&h=140&w=231&c=1&s=0)
Cyber Resilience Summit
iTnews Executive Retreat - Security Leaders Edition
Huntress + Eftsure Virtual Event -Fighting A New Frontier of Cyber-Fraud: How Leaders Can Work Together
iTnews Cloud Covered Breakfast Summit
Live & Hands On Demo: Navigating the BMC AMI DevX Platform to Understand Code Faster Using AI
.jpg&h=271&w=480&c=1&s=1)
_(1).jpg&h=140&w=231&c=1&s=0)
