Kama Sutra Threat Looms Large

As D-Day for the 'Kama Sutra' worm nears, security firm Sophos is warning users not to panic over the threat posed by it. The W32/Nyxem-D worm, which can pose as pictures of the Kama Sutra, has a destructive payload, which triggers half an hour after a computer is booted on the third day of any month, destroying DOC, XLS, MDB, MDE, PPT, PPS, ZIP, RAR, PDF, PSD and DMP files by replacing their contents with the phrase:DATA Error [47 0F 94 93 F4 K5]Nyxem-D worm is also known as Blackworm, Email-Worm.Win32.VB.bi, Win32/Mywife.e or W32.Blackmal.E@mm. "When you panic, you make mistakes," said Graham Cluley, senior technology consultant for Sophos. "Sit down, have a cup of tea, and work out if you have done everything you should have done to ensure your computer isn't at risk from the Nyxem worm, and indeed any of the other 120,000 pieces of malware in existence."The W32/Nyxem-D Windows worm does not infect Macintosh computers and experts believe that home users may be at more risk than businesses because typically they take security issues less seriously."Most businesses have been successfully protecting against this worm for a couple of weeks," said Cluley. "Home users who have not been updating their software may be at risk if they are in the habit of opening unsolicited attachments in emails with dodgy sounding subject lines. Even if they are infected, and do nothing, and the worm demolishes their data on Friday, they should be able to recover if they have a recent backup. Anyone who suffers from this worm's payload simply hasn't been practicing safe computing."Sophos warns that focusing too much on Nyxem's threat on Friday 3 February may leave people unaware of other malware risks."The damage caused by W32/Nyxem-D has stirred up the public interest because it sounds really terrible - but in many ways, it is the less visible malicious payloads delivered by other malware which can be far worse," said Cluley. "You may be able to recover the files deleted by Nyxem by going to backup or retyping the content. But you can never get back files which a hacker stole from your PC using a backdoor Trojan. You can never untype keystrokes which were captured by a keylogger. You can never unsend the thousands of emails spammed out if your computer is a zombie.""Bottom line - if you're worried about Nyxem-D now is the time to look for it, but maybe if you're worried about that you also have reason to be worried about all the other malware out there," said Cluley. "In January we saw 2,312 brand new pieces of malware, that's over 500 every single week."Sophos suggests that computer users who are concerned that they may be at risk ensure that their anti-virus software is properly installed and up-to-date, and that unsolicited email attachments are not opened. Additionally, PC users should ensure that they have patched their computer against the latest Windows security vulnerabilities, and that a client firewall is installed. Backups of valuable data should be routine both inside businesses and at home.

Related News: