"As was the case with Melissa, the transmission of a virus can be a criminal matter, and the FBI is investigating," said Michael Vatis, director of the National Infrastructure Protection Center (NPIC).
Vatis said the worm has the potential of doing significant damage to private sector and government computer systems. (See CNET Topic Center on antivirus software.)
"It is critical for computer users to be aware of and take the well-publicized steps to protect against and mitigate potential damage caused by malicious code," he said in a statement released this afternoon.
He added that transmission of malicious code can be a federal criminal offense and that the FBI is "aggressively investigating" the matter.
The National Infrastructure Protection Center is monitoring developments and coordinating field office investigations, he said, urging victims of the virus to contact the FBI field office nearest them, or the NIPC Watch and Warning Unit, which can be reached by email at email@example.com.
"Because of the destructive payload delivered by this virus, its potential impact is significant," Vatis said. "All email users should exercise caution when reading their email for the next few days and bring unusual messages to the attention of their system administrator."
After the Melissa virus outbreak that began March 26, the FBI joined other agencies to identify and track down whoever had created, then spread the virus. On April 1, a 30-year-old New Jersey man, David L. Smith, was arrested by federal and state officials and charged in the case. He has pleaded not guilty and his case is still pending.