Skip navigation
Skip navigation
You are using an outdated browser. Please upgrade your browser.

Trend Micro issues Medium Risk Alert for Worm spreading Spyware

Wednesday 11 May 2005, Trend Micro today issued a medium risk alert for WORM_WURMARK.J, this memory-resident worm which has been seen spreading by email. Upon execution, it drops a copy of itself in the Windows system folder using a random file name.
Interestingly, it also drops a randomly named (Dynamic Link Library) DLL file in the Windows system folder, which is a component of an IESpy, a Spyware program. This is the first time a worm has been identified, containing a commercial spyware programme.
WORM_WURMARK.J has a keylogging capability. It saves the logs typed by the user in a dropped random DLL file. Additionally WURMARK drops several zip files in the Windows system folder as email attachment.
The subject of the email varies, using a number of words such as “details”, “girls” “music” and “readme”. Using basic social engineering methods, it entices users to open the .zip files with names like “”, “” and “”. The message body however is blank.
For further information please visit Trend Micro’s website at

This press release was distributed by ResponseSource Press Release Wire on behalf of Onechocolate Communications in the following categories: Computing & Telecoms, for more information visit