
The email carries a malicious attachment - postcard.exe - that, if executed, installs malicious code variants of Tibs, Nuwar, Banwarum and Glowa onto users' computers, Dunham said. In addition, two rootkit files are installed to prevent the malware from being discovered.
"User interaction is required for the worm to infect a computer, but is more likely due to the holiday period and social engineering of the worm," he said. "The period of greatest risk is through the New Year's holiday, when anti-virus protection is the lowest for this new threat and users are most apt to click on a ‘New Year's' related message."
Mikko Hypponen, F-Secure's chief research officer, said today that postcard.exe attachments should normally be avoided because "they always seem to be bad news."
Click here to email reporter Dan Kaplan.