Researchers at Sophos are warning PC users about the W32/Hoots-A worm, which sends a picture of an owl to attached network printers.
The unusual malware is written in Visual Basic and spreads through network shares, according to a company advisory.
Once installed on a network, the worm sends a picture of an owl with the words "O RLY?" to a number of print queues.
Graham Cluley, senior technology consultant, said the malware is most likely the work of an amateur.
"This isn’t the work of a professional virus writer. Most malware authors these days encrypt their executables with packers in an attempt to make them harder to detect, this one does not," he said. "It is also written in Visual Basic, which is unusual for a virus today. But the smoking gun is that the worm has hardcoded within it the specific network paths to almost 40 different printers. It appears this malware was written for a specific organization, by someone who had inside knowledge of their IT infrastructure."
"Why the author should want to print out pictures of an owl is, of course, anybody’s guess," said Cluley.
The firm noted that it had so far only received reports of the worm from one company.
.png&h=140&w=231&c=1&s=0)
.png&h=140&w=231&c=1&s=0)
.png&w=100&c=1&s=0)
Digital As Usual Cybersecurity Roadshow: Brisbane edition
iTnews Benchmark Security Awards 2025
Digital Leadership Day Federal
Government Cyber Security Showcase Federal
Government Innovation Showcase Federal
.jpg&h=140&w=231&c=1&s=0)
.jpg&h=140&w=231&c=1&s=0)
