Home :: Forums :: Downloads :: Shop

Computer Worm Threatens Major Destruction Friday.


Del.icio.us  Digg  Google  Spurl  Blink  Furl  Y! MyWeb   More...
Share:
Sponsors:

NEW YORK Friday may be D-day, as in "destruction day," for millions of Windows computer users.

That's the day a notably pesky e-mail worm, variously called "Nyxem.E," "CME-24," "BlackWorm," "Mywife.E," "KamaSutra" and "VB.bi," among other names, is set to detonate its deadly payload.

Once activated, the worm will corrupt all documents on a infected machine with the following file extensions: .dmp, .doc, .mdb, .mde, .pdf, .psd, .ppt, .pps, .rar, .xls and .zip.

That means almost all files created using Microsoft Word, Microsoft Excel or Microsoft PowerPoint could be lost forever, as well as "raw" Adobe Photoshop files, PDF files used by Adobe Acrobat and competing PDF readers, and several kinds of database and compression files.

Hundreds of thousands of Windows machines are believed to have already been infected, mostly in India, Peru, Turkey and Italy, said Mikko Hypponen, chief research officer for Finnish security company F-Secure Corp.

The worm also tries to disable anti-virus software that is out of date, Hypponen said. Thus, users should make sure their software is turned on and has the latest definitions, generally available for free from the software vendor's Web site.

F-Secure also has created free removal tools for two different versions of the worm, available here: http://www.f-secure.com/v-descs/vb_bi.shtml.

"If you are infected, and you find out about it today, you still have time to get rid of the virus," Hypponen said.

Nyxem.E hasn't spread as far or as fast as many recent e-mail worms. But worms these days are generally meant to help spammers and hackers carry out attacks, not destroy files, so the impact this time may be more severe.

Microsoft Corp. issued an advisory Tuesday warning customers about the worm, which affects most versions of Windows.

Users should be safe if they have the latest anti-virus software or if their computers are set with limited privileges, a common setting in larger organizations.

They are vulnerable if they, like many small business and home users, leave their computers set with full administrative rights.

Users should also check the date on the computer. The worm hits the third of every month, so if the computer's local calendar settings are off, Hypponen said, files may be destroyed sooner or later, even if the computer is never turned on Friday.

Article submitted by: Echo
Last Update: 01-31-2006
Category: Security

Print | E-mail


Current rating: 5.37 by 97 users
Would you recommend this article to a friend?

Not a Chance 12345678910 Absolutely

Please register or sign-in to post comments.


Related News Stories

(6,115 reads) 07-05-2008
 · Fusion Security
(12,158 reads) 06-02-2007
 · NukeSentinel(tm)2.5.10 Critical Update
(10,782 reads) 05-07-2007
 · NukeSentinel(tm) 2.5.08 Maintainance Release
(11,818 reads) 03-15-2007
 · NukeSentinel(tm) 2.5.07 Reissued: Critical Update
(10,714 reads) 03-02-2007
 · NukeSentinel(tm) 2.5.06: Critical Update
(11,508 reads) 01-23-2007
 · NukeSentinel(tm) 2.5.05 released
(11,420 reads) 12-24-2006
 · NukeSentinel 2.5.04 released
(11,132 reads) 11-03-2006
 · NukeSentinel(tm) 2.5.03 Released
(14,027 reads) 10-19-2006
 · Php Nuke 8.0 Patched
(10,678 reads) 10-01-2006
 · ipBan Modification