Skip over global navigation links

W32/Cekar Worm and its Variants

(Last Updated 03/09/07 12:30 PM)

CIT has been notified of increased activity of the W32/Cekar worm and its variants in the wild. The worm appears to rely on social engineering tactics that lure users into clicking links contained in SPAM emails. These links will direct the browser to malicious websites to infect the server or PC. An infected host may download additional trojans, and upload sensitive information like usernames and passwords.

Symptoms may include:

  • Network slowness
  • Computer slowness
  • Browser re-direction

Some examples of browser re-directions include:

  • Entering in your browser's address bar takes you to,
  • Clicking on one of your favorites that normally takes you to instead takes you to,
  • Clicking on a link on an NIH website takes you to an unexpected website.

Do not click on any links contained in:

  • Emails that you receive from an unknown sender.
  • Unexpected emails that ask you to verify or cancel information.

If you are unsure of the validity of an email or its sender, contact the service or sender by phone, and delete the email.

If you have any problems such as extreme slowness, applications not running, or you get redirected to a different web site while using your web browser, please contact the NIH help desk at 301-496-4357.


Up to Top

This page last reviewed: November 09, 2011