Summary

This is not a traditional virus, but a script problem affecting only users of WebTV appliances.

This program works by injecting a script to signatures of people when they post messages to public newsgroups. When other WebTV users read such a message, they will automatically post messages to same newsgroups with the same infectious signature. Eventually this will overload these newsgroups with phony messages.

The WTV/Flood script does not need any local user storage to operate. WebTV has extended HTML with tags of its own - tags that instruct WebTV server to, for example, post a message. That's exactly how WTV/Flood replicates; it uses these WebTV specific tags.

F-Secure Anti-Virus does not work under WebTV.

[Mikko Hypponen, F-Secure]