'Here you have' email virus attacks globally

Does your email in-box look like this? If so, you're not alone.

September 9, 2010 8:18:20 PM PDT
A massive and dangerous email virus has spread like wildfire, flooding inboxes and disrupting operations across the globe. The email is landing in the inboxes of companies around the world. The email has the subject line 'Here you have.' In the body of the email, it reads, "Hello: This is The Document I told you about, you can find it here," and contains a reference to a document and a link to what appears to be a PDF. IT departments are advising users not to open the email or click on the link, but to delete the message.

If you click on the link, the virus replicates and sends itself out using your name and contact list.

The attack appears to be global, so far affecting companies such as Disney, P&G, Dow, Coca-Cola and others. The Florida Department of Transportation's email system has been shut down, and other Florida government agencies have been affected, but so far no Texas government agencies are reporting any impact. The virus may have originated in Russia.

Locally, we know that NASA's Johnson Space Center has been affected by the virus. The Memorial Hermann Hospital System also confirmed they got the virus, but said they were able to contain it quickly.

Google has been tracking Twitter (#hereyouhave) to find out how often people are talking about the 'here you have' virus, and you can see a big spike starting right before 12pm and it has been continuing all afternoon.

Adobe Systems yesterday advised computer security experts that there were vulnerabilities in the Adobe reader software, noting that hackers were looking to actively exploit a recently detected vulnerability.

Chances are you will see it in your inbox either at work or when you get home like other emails.

"Be very careful when you get your email. Before you check your email today or in the next few days, make sure anti-virus software is up to date, anything that has "here you have" in the email subject, just delete it," said computer expert Alex Diaz.

Most folks already know not to open email attachments from folks they do not recognize, but this email is sending out the virus from what appears to be the people you do know.

The Department of Homeland Security and the U.S. Emergency Response Team are looking into the problem.

Following information from Adobe: "A critical vulnerability exists in Adobe Reader 9.3.4 and earlier versions for Windows, Macintosh and UNIX, and Adobe Acrobat 9.3.4 and earlier versions for Windows and Macintosh. This vulnerability (CVE-2010-2883) could cause a crash and potentially allow an attacker to take control of the affected system. There are reports that this vulnerability is being actively exploited in the wild."

Security firm McAfee said because multiple variants of it are spreading, it may take some time to find the origin. After the initial email flood, they also listed the risk as low.

Load Comments