Computer Worm Threatens Major Destruction Friday.  Digg  Google  Spurl  Blink  Furl  Y! MyWeb  

NEW YORK Friday may be D-day, as in "destruction day," for millions of Windows computer users.

That's the day a notably pesky e-mail worm, variously called "Nyxem.E," "CME-24," "BlackWorm," "Mywife.E," "KamaSutra" and "," among other names, is set to detonate its deadly payload.

Once activated, the worm will corrupt all documents on a infected machine with the following file extensions: .dmp, .doc, .mdb, .mde, .pdf, .psd, .ppt, .pps, .rar, .xls and .zip.

That means almost all files created using Microsoft Word, Microsoft Excel or Microsoft PowerPoint could be lost forever, as well as "raw" Adobe Photoshop files, PDF files used by Adobe Acrobat and competing PDF readers, and several kinds of database and compression files.

Hundreds of thousands of Windows machines are believed to have already been infected, mostly in India, Peru, Turkey and Italy, said Mikko Hypponen, chief research officer for Finnish security company F-Secure Corp.

The worm also tries to disable anti-virus software that is out of date, Hypponen said. Thus, users should make sure their software is turned on and has the latest definitions, generally available for free from the software vendor's Web site.

F-Secure also has created free removal tools for two different versions of the worm, available here:

"If you are infected, and you find out about it today, you still have time to get rid of the virus," Hypponen said.

Nyxem.E hasn't spread as far or as fast as many recent e-mail worms. But worms these days are generally meant to help spammers and hackers carry out attacks, not destroy files, so the impact this time may be more severe.

Microsoft Corp. issued an advisory Tuesday warning customers about the worm, which affects most versions of Windows.

Users should be safe if they have the latest anti-virus software or if their computers are set with limited privileges, a common setting in larger organizations.

They are vulnerable if they, like many small business and home users, leave their computers set with full administrative rights.

Users should also check the date on the computer. The worm hits the third of every month, so if the computer's local calendar settings are off, Hypponen said, files may be destroyed sooner or later, even if the computer is never turned on Friday.

Article submitted by: Echo
Last Update: 01-31-2006
Category: Security

Print | E-mail

Current rating: 5.37 by 97 users
Would you recommend this article to a friend?

Not a Chance 12345678910 Absolutely

Please register or sign-in to post comments.

Related News Stories

(9,209 reads) 07-05-2008
 · Fusion Security
(14,898 reads) 06-02-2007
 · NukeSentinel(tm)2.5.10 Critical Update
(13,670 reads) 05-07-2007
 · NukeSentinel(tm) 2.5.08 Maintainance Release
(15,108 reads) 03-15-2007
 · NukeSentinel(tm) 2.5.07 Reissued: Critical Update
(13,608 reads) 03-02-2007
 · NukeSentinel(tm) 2.5.06: Critical Update
(14,398 reads) 01-23-2007
 · NukeSentinel(tm) 2.5.05 released
(14,430 reads) 12-24-2006
 · NukeSentinel 2.5.04 released
(14,150 reads) 11-03-2006
 · NukeSentinel(tm) 2.5.03 Released
(18,015 reads) 10-19-2006
 · Php Nuke 8.0 Patched
(14,384 reads) 10-01-2006
 · ipBan Modification