
The Klez virus is easily

The Klez virus is easily the worst email-based virus to date. It does everything the typical Outlook Express-exploiting virus does: it looks like an almost normal email, you run the cloaked attachment, and then it emails everyone in your address book with more viruses. But it does one extra thing: it randomly changes the From field to anyone in the address book.

This small change means big things. Email is the killer app but suffers from a big problem that is internet-wide in scale. Email is inherently insecure, and I think we've coasted pretty far without addressing that. I can send an email as if I was anyone, and unless you know how to read email headers, you might not know it was faked. The other thing the internet is particularly bad at is reputation management. While sci-fi authors envisioned avatar-infested worlds with all sorts of metadata available on everyone, by and large there isn't a central point to measure anyone's reputation on, so we have to go with things like past history. I've avoided using Outlook or any of its variants for years, and I'm happy to say I've never gotten infected with an email virus to date. It's no small task to successfully avoid contracting any viruses for years while getting upwards of 100 messages a day the whole time.
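Reading the headers, as mentioned above, can be partly automated. The following is an added example, not part of the original post: it compares the domain in From with the Return-Path and with the earliest Received hop, using a constructed message in which every name, address and hostname is made up.

```python
import re
from email import message_from_string
from email.utils import parseaddr

# Constructed sample: From claims alice@blog.example, but the envelope
# sender and the originating host both belong to isp.example.
SAMPLE = """\
Return-Path: <carol@isp.example>
Received: from mx.lawfirm.example (mx.lawfirm.example [203.0.113.10])
\tby inbox.lawfirm.example; Mon, 22 Apr 2002 10:15:02 -0700
Received: from carols-pc (dialup-42.isp.example [198.51.100.42])
\tby mx.lawfirm.example; Mon, 22 Apr 2002 10:15:00 -0700
From: "Alice" <alice@blog.example>
To: bob@lawfirm.example
Subject: hello

body
"""

def domain(header_value):
    """Lower-cased domain part of an address header ('' if absent)."""
    return parseaddr(header_value)[1].rpartition("@")[2].lower()

def origin_host(msg):
    """Reverse-DNS name recorded in the earliest (last listed) Received hop."""
    hops = msg.get_all("Received", [])
    if not hops:
        return None
    m = re.search(r"from\s+\S+\s+\(([^\s\[\]]+)\s*\[", hops[-1])
    return m.group(1).lower() if m else None

def from_mismatches(raw):
    """List the ways the headers disagree with the visible From address."""
    msg = message_from_string(raw)
    claimed = domain(msg.get("From", ""))
    findings = []
    rp = domain(msg.get("Return-Path", ""))
    if rp and rp != claimed:
        findings.append(f"Return-Path domain {rp} differs from From domain {claimed}")
    host = origin_host(msg)
    if host and host != claimed and not host.endswith("." + claimed):
        findings.append(f"origin host {host} is outside From domain {claimed}")
    return findings

if __name__ == "__main__":
    for finding in from_mismatches(SAMPLE):
        print(finding)
```

A mismatch is only a hint: mailing lists and hosted mail produce the same pattern legitimately, and any Received line not added by your own server can itself be forged. A clean result does not prove the From address is genuine.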

Imagine my surprise when I started getting bounced messages saying my messages couldn't be sent and realizing I never sent them. Then imagine seeing that the messages all came from an account I haven't sent any email from in 3 years. When several messages started showing up from email servers saying I sent viruses to a law firm and then actual people asking me if they should open the attachment they received, I knew something was really wrong.

For someone who has never fallen for a virus message or been infected, this is the equivalent of trying to buy a car and hearing that the credit check showed you were attempting to pass bad checks in Long Beach under your name, or that your name was on a credit card used to buy jewels in Kuala Lumpur (both things have actually happened to my wife and me). The only problem with this virus is there is no way to verify that someone sent a message, or for someone to look up my track record of being virus free and know this message was a fake.
