London-based security software developer Reflex Magnetics has discovered a virus which attempts to send users’ personal details held in Microsoft Office applications to the Codebreakers virus exchange web site. Reflex say the macro virus, which they have dubbed HSFX, is derived from the currently prevalent Ethan virus, but does not actually damage files.
According to Reflex, the virus does not seem to be sinister and does not steal any security sensitive information such PGP secret key rings. A spokesperson for Relfex said the only thing that might be worrying is that the user’s name and address is being sent to a notorious web site. The Codebreakers site has been running since September 1997 and claims to work to educate people about viruses. No one responsible for the site was available to comment on why the HSFX virus was sending user details to them.