Truth About Computer Security Hysteria
Pokémon Pikachu worm/TrojanCATEGORY: Overblown computer security threats
Reuters reporter Richard Meares filed a newswire on 24 August about a deadly Pokémon worm. The story sounded "new and urgent," yet the facts indicate otherwise. It appears the press renamed a months-old (and rarely seen) worm to increase its publicity value.
Virus experts first obtained a copy of this worm on 10 May — more than three months earlier — and called it "W95/HLLW.32747." Most antivirus products started detecting it in June. Symantec still considered Pokémon a miniscule threat as of 25 August. "We have not received any [in-the-wild reports of the worm] in August," a spokesman said. "We don't believe this is a high threat to consumers... If our customers have been regularly updating their virus definitions, then they are protected." Sophos issued a press release saying Pokémon "captured the imagination of many in the media" yet "poses no threat to computer users who have kept their [antivirus software] up to date."
At first blush, the Reuters story points to Trend Micro as the source of fearmongering. Rival firm Network Associates pounced on Trend (though not by name) in their own effort to quell hysteria. "Another [antivirus] company recently added detection for this Interent worm," their website noted. "However it is not a new discovery in terms of the date it was added to their detection."
Trend Micro called Vmyths.com to offer their side of the story. A revised timeline of events seems to go something like this:
Last updated: 2000/8/25