Home :: Forums :: Downloads :: Shop

Computer Worm Threatens Major Destruction Friday.

Del.icio.us  Digg  Google  Spurl  Blink  Furl  Y! MyWeb   More...

NEW YORK Friday may be D-day, as in "destruction day," for millions of Windows computer users.

That's the day a notably pesky e-mail worm, variously called "Nyxem.E," "CME-24," "BlackWorm," "Mywife.E," "KamaSutra" and "VB.bi," among other names, is set to detonate its deadly payload.

Once activated, the worm will corrupt all documents on a infected machine with the following file extensions: .dmp, .doc, .mdb, .mde, .pdf, .psd, .ppt, .pps, .rar, .xls and .zip.

That means almost all files created using Microsoft Word, Microsoft Excel or Microsoft PowerPoint could be lost forever, as well as "raw" Adobe Photoshop files, PDF files used by Adobe Acrobat and competing PDF readers, and several kinds of database and compression files.

Hundreds of thousands of Windows machines are believed to have already been infected, mostly in India, Peru, Turkey and Italy, said Mikko Hypponen, chief research officer for Finnish security company F-Secure Corp.

The worm also tries to disable anti-virus software that is out of date, Hypponen said. Thus, users should make sure their software is turned on and has the latest definitions, generally available for free from the software vendor's Web site.

F-Secure also has created free removal tools for two different versions of the worm, available here: http://www.f-secure.com/v-descs/vb_bi.shtml.

"If you are infected, and you find out about it today, you still have time to get rid of the virus," Hypponen said.

Nyxem.E hasn't spread as far or as fast as many recent e-mail worms. But worms these days are generally meant to help spammers and hackers carry out attacks, not destroy files, so the impact this time may be more severe.

Microsoft Corp. issued an advisory Tuesday warning customers about the worm, which affects most versions of Windows.

Users should be safe if they have the latest anti-virus software or if their computers are set with limited privileges, a common setting in larger organizations.

They are vulnerable if they, like many small business and home users, leave their computers set with full administrative rights.

Users should also check the date on the computer. The worm hits the third of every month, so if the computer's local calendar settings are off, Hypponen said, files may be destroyed sooner or later, even if the computer is never turned on Friday.

Article submitted by: Echo
Last Update: 01-31-2006
Category: Security

Print | E-mail

Current rating: 5.37 by 97 users
Would you recommend this article to a friend?

Not a Chance 12345678910 Absolutely

Please register or sign-in to post comments.

Related News Stories

(6,229 reads) 07-05-2008
 · Fusion Security
(12,266 reads) 06-02-2007
 · NukeSentinel(tm)2.5.10 Critical Update
(10,846 reads) 05-07-2007
 · NukeSentinel(tm) 2.5.08 Maintainance Release
(11,900 reads) 03-15-2007
 · NukeSentinel(tm) 2.5.07 Reissued: Critical Update
(10,794 reads) 03-02-2007
 · NukeSentinel(tm) 2.5.06: Critical Update
(11,590 reads) 01-23-2007
 · NukeSentinel(tm) 2.5.05 released
(11,514 reads) 12-24-2006
 · NukeSentinel 2.5.04 released
(11,208 reads) 11-03-2006
 · NukeSentinel(tm) 2.5.03 Released
(14,101 reads) 10-19-2006
 · Php Nuke 8.0 Patched
(10,776 reads) 10-01-2006
 · ipBan Modification