The KamaSurta worm also known as Blackmail, MyWife, Nyxem.E, and Grew is thought to have infected more than half a million PCs. Security vendor IronPort warned Thursday that these machines are now hard-coded to propagate the virus on Feb. 3.
According to F-Secure:
When run on a Windows PC, the worm copies itself to shared network locations and sends itself to e-mail addresses found on the target computer. The pest includes a timed attack that attempts to disable antivirus and firewall software and delete certain files, including Office documents on 3rd of the month. At the moment it's just sitting there quietly, and we won't know how many home users have been infected until Feb. 3. It is similar to the 'Email-Worm.Win32.VB.bi' that was found a few days ago.
Nyxem has the potential to cause havoc throughout the year, as infected PCs are set to activate on the third day of every month, unless they are cleaned up. F-Secure has reported that Nyxem.E reached the top position on Thursday in its virus statistics list, with 21.7 percent of all reported infections. The worm also has its own counting mechanism, and it showed 510,000 infected systems on Saturday.
Nyxem is certainly malicious. It can be delivered via e-mail, but also as a network worm. It probes other PCs on a closed network to compromise them and send itself to the other computers, to infect as many hosts as possible. The malicious software hides in attachment types not typically blocked by attachment filters
It got a lot of media attention because of the name and the illicit material, but it did not get attention from the major antivirus companies There was "some hype" fueled by some in the security industry that published high infection numbers. vast majority of the machines infected...are home computers.
Companies are unlikely to be directly affected if they are running up-to-date antivirus software, because the major antivirus vendors have now released patches. But IronPort warned that companies could experience secondary effects, as the virus tries to propagate itself by harvesting e-mail addresses on an infected machine. McAfee, Symantec and Trend Micro say KamaSurta has come and gone. Still, PC users should keep their antivirus software up to date to be protected against possible variants.
The bottom line is that: There is nothing to fear about the KamaSurta since it no more exists on a large scale view, but as far as home users running age old antivirus systems (with no or older updates) and no firewall are still the once who will suffer.
technorati tags: Virus, worm, Blackmail, MyWife, Nyxem.E, Feb 3 2006, KamaSurta, internet
0 comments:
Post a Comment