Warning

 

Close

Confirm Action

Are you sure you wish to do this?

Confirm Cancel
Member Login
Site Notices
9/22/2017 12:11:25 AM
Posted: 2/2/2006 6:42:45 PM EDT
[Last Edit: 2/2/2006 6:47:18 PM EDT by thompsondd]
...probably a dupe, but I have been on the road for the past couple of days........

www.informationweek.com/news/showArticle.jhtml?articleID=178601098


Countdown On For Kama Sutra

Starting Friday, Feb. 3, the worm will begin corrupting 11 different file formats by overwriting those documents and files with a mindless string of text.

By Gregg Keizer, TechWeb News
Feb. 2, 2006
URL: http://www.informationweek.com/story/showArticle.jhtml?articleID=178601098

As the clock continues to tick toward the anticipated destruction of Microsoft Office documents, Adobe files, and backup archives, security companies on Thursday posted their latest research and advice on the Kama Sutra worm.

Also known as Blackworm, Blackmal, MyWife, and Nyxem, the worm has been active for about three weeks. It's a throw-back, designed not to simply hijack a PC or steal confidential information, but to destroy data. Starting Friday, Feb. 3, it will begin corrupting 11 different file formats by overwriting those documents and files with a mindless string of text.

Chicago-based LURHQ revisited its data, and now puts the estimate of Kama Sutra-infected systems at twice its earlier guess. "Based on the more recent logs plus different methodology, we believe the total number of users infected worldwide is actually closer to 600,000," said the company in a Web site posting.

Helsinki, Finland-based F-Secure, meanwhile, said Thursday that although the worm is supposed to ruin files on any network drives connected to an infected machine, its tests weren't able to duplicate that behavior.

"In practice, the worm failed to [damage files] on network drives, at least in our test environment. Files on local and removable drives (including USB memory) were damaged by the payload," the company noted in an online alert.

A researcher at the Internet Storm Center (ISC) confirmed the finding in independent tests. "At this point, I do not believe that the destructive payload will occur via shares and/or mapped drives," concluded ISC's Lorna Hutcheson.

Microsoft chimed in with an updated security advisory, originally released Monday, that now tells enterprise users a blank log-in password may protect them from the worm spreading throughout the network.

"In an environment where you can guarantee physical security, you do not need to use the account across the network, and you are using Windows XP or Windows Server 2003, a blank password is better than a weak password," the advisory now reads. Blank passwords, Microsoft added, can be used locally in Windows XP (SP1 and SP2), Windows Server 2003, and Windows Server 2003 SP1. "If the account password is blank, the account is not valid as a network credential," the advisory states.

But it was U.K.-based Sophos that had the smartest advice Thursday: Don't panic.

"Sit down, have a cup of tea, and work out if you have done everything you should have done to ensure your computer isn't at risk from the Nyxem worm, and indeed any of the other 120,000 pieces of malware in existence," said Graham Cluley, senior technology consultant at Sophos, in a statement.



news.independent.co.uk/world/science_technology/article342871.ece

Kama Sutra e-mail virus primed to strike today
By Martin Hickman, Consumer Affairs Correspondent
Published: 03 February 2006

Important information stored on home computers could be wiped clean by an e-mail virus called Kama Sutra that is timed to strike today.

Computer engineers say the virus has been infecting hundreds of thousands of machines across the world since being identified on 16 January. It is being circulated as a pornographic attachment to e-mails and spreads by e-mailing itself to other addresses from an infected computer. On the third day of every month it deletes files.

The virus targets computers using Microsoft Windows but, unlike many other recent viruses, deletes many popular types of file, including spreadsheets and presentations.

A website associated with the virus estimated it has now reached more than 300,000 victims. Its impact is likely to be greatest on home computers because most businesses have current anti-virus protection.

The virus got its name because some of its variations refer to the Kama Sutra guide to sexual positions but is also known as "Nyxem-E, Grew.A", "MyWife" or "BlackWorm". It appears as an e-mail with subject lines such as "Hot Movie" or "Miss Lebanon 2006".

Affected files include Oracle, Word, Adobe Acrobat, Photshop, Excel and PowerPoint. Because so many of the applications are used in offices, experts believe the virus may be aimed at businesses.

Ken Dunham, from the US internet security firm VeriSign, said: "This attack is under way and will be activated unless people get virus removal tools.

"If you have opened an e-mail and your computer froze up, you should be very concerned."

Important information stored on home computers could be wiped clean by an e-mail virus called Kama Sutra that is timed to strike today.

Computer engineers say the virus has been infecting hundreds of thousands of machines across the world since being identified on 16 January. It is being circulated as a pornographic attachment to e-mails and spreads by e-mailing itself to other addresses from an infected computer. On the third day of every month it deletes files.

The virus targets computers using Microsoft Windows but, unlike many other recent viruses, deletes many popular types of file, including spreadsheets and presentations.

A website associated with the virus estimated it has now reached more than 300,000 victims. Its impact is likely to be greatest on home computers because most businesses have current anti-virus protection.

The virus got its name because some of its variations refer to the Kama Sutra guide to sexual positions but is also known as "Nyxem-E, Grew.A", "MyWife" or "BlackWorm". It appears as an e-mail with subject lines such as "Hot Movie" or "Miss Lebanon 2006".

Affected files include Oracle, Word, Adobe Acrobat, Photshop, Excel and PowerPoint. Because so many of the applications are used in offices, experts believe the virus may be aimed at businesses.

Ken Dunham, from the US internet security firm VeriSign, said: "This attack is under way and will be activated unless people get virus removal tools.

"If you have opened an e-mail and your computer froze up, you should be very concerned."

Link Posted: 2/2/2006 6:46:39 PM EDT
[Last Edit: 2/2/2006 6:46:52 PM EDT by blacklisted]
I don't use antivirus software. I have never had a computer virus that I didnt' intentionally install on a computer.

Just follow "safe browsing practices" and you will never have a problem.
Link Posted: 2/2/2006 6:49:07 PM EDT

Originally Posted By blacklisted:
Just follow "safe browsing practices" and you will never have a problem.



THAT will be the exact reason why many people, including a lot of ARFcommers, will wake up to a major problem tomorrow. Ironically, it is also the same reason why a lot of them are also blind.
Link Posted: 2/2/2006 6:50:58 PM EDT
If it is a dupe, and I not saying it is, then I still wouldn't say D@P%.


notadupe

Link Posted: 2/2/2006 6:51:25 PM EDT
As thus is why you have a backup drive, even with security software installed, can be turned off just in case.
Link Posted: 2/2/2006 6:52:04 PM EDT

Originally Posted By blacklisted:
I don't use antivirus software. I have never had a computer virus that I didnt' intentionally install on a computer.

Just follow "safe browsing practices" and you will never have a problem.



brilliant advice.

Link Posted: 2/2/2006 6:52:19 PM EDT

Originally Posted By thompsondd:

Originally Posted By blacklisted:
Just follow "safe browsing practices" and you will never have a problem.



THAT will be the exact reason why many people, including a lot of ARFcommers, will wake up to a major problem tomorrow. Ironically, it is also the same reason why a lot of them are also blind.



Yep, i have been pretty lucky over the years, but I have been hit before myself.
Link Posted: 2/2/2006 6:55:05 PM EDT
Whoever creates a worm should have their nads cut off via blowtorch.
Link Posted: 2/2/2006 6:55:15 PM EDT
slackware.

I can't install viruses without setting up WINE.
Link Posted: 2/2/2006 6:56:29 PM EDT
I read that it's only released if you open an attatchment from an email. Am I correct to assume that if I don't open an unknown attatchment I should be OK?
Link Posted: 2/2/2006 7:02:38 PM EDT

Originally Posted By hanibal:
I read that it's only released if you open an attatchment from an email. Am I correct to assume that if I don't open an unknown attatchment I should be OK?



Thats how most viruses work, others target your email programs like outlook.

I can't believe the number of idiots that open attached files they know nothing about.

Use a web based email system.

Don't open attachments.

You will not get a virus.
Link Posted: 2/2/2006 7:06:05 PM EDT

Originally Posted By LonePathfinder:
I can't believe the number of idiots that open attached files they know nothing about.



Oh please, 80% of all guys here would probably open up an attachment which said "BOTD" or "Beautiful Sweater Puppies"
Link Posted: 2/2/2006 7:06:06 PM EDT
Well, is there some online thingy to check if I have it and remove it?
Link Posted: 2/2/2006 7:06:09 PM EDT
[Last Edit: 2/9/2006 6:34:25 PM EDT by AMHsix]
.
Link Posted: 2/2/2006 7:09:18 PM EDT
The Worms are created by the People that sell the software to kill them!!

Bob
Link Posted: 2/2/2006 7:13:20 PM EDT
My computer had a virus a while back, it still acts up even after the repair. Now I have an EL PRIMO Anti-Virus program.

I better make sure its updated
Link Posted: 2/2/2006 7:15:29 PM EDT
[Last Edit: 2/2/2006 7:20:43 PM EDT by david_g17]
Link Posted: 2/2/2006 7:23:10 PM EDT

Originally Posted By captainpooby:
Well, is there some online thingy to check if I have it and remove it?



HouseCall is a good free online virus scanner/remover.
Link Posted: 2/2/2006 7:26:00 PM EDT
Link Posted: 2/2/2006 7:27:09 PM EDT

Don't open attachments.

You will not get a virus.


Not quite true. There have been several viruses with Outhouse Express where you don't even have to open the attachment to get Microsoft to install the virus. As I understand it, several of those backdoors were eventually closed by Microsoft, but if several existed, then it stands to reason that there may be more. In a single day, half the Windows computers here were infected. These were on systems where none of the users click on attachments since there's no reason for any of them to ever receive a file from the outside world.z
Link Posted: 2/2/2006 7:28:05 PM EDT
Link Posted: 2/2/2006 7:29:01 PM EDT

Originally Posted By Paul:
lose Outlook Express and install something superior.



Like?
Link Posted: 2/2/2006 7:33:01 PM EDT

Originally Posted By LonePathfinder:

Originally Posted By hanibal:
I read that it's only released if you open an attatchment from an email. Am I correct to assume that if I don't open an unknown attatchment I should be OK?



Thats how most viruses work, others target your email programs like outlook.

I can't believe the number of idiots that open attached files they know nothing about.

Use a web based email system.

Don't open attachments.

You will not get a virus.



OK cool. I don't even open email from anyone unless they're in my address book let alone open an unknown attatchment. My ISP seems to have a pretty good virus scan as well so I think I'll be OK. Thanks for the clarification.
Link Posted: 2/2/2006 7:34:34 PM EDT
Tomorrws gonna suck at work
Link Posted: 2/2/2006 7:42:31 PM EDT
Not worried here. Our corporate Anti-Virus is also licensed to employees at home. It has had definitions out for this bug since mid-January. All of the systems I manage (and my home ones as well) are up to date within 60 minutes of a new definition being released and the systems are scanned daily.
Link Posted: 2/2/2006 7:48:34 PM EDT

Originally Posted By VooDoo3dfx:

Originally Posted By Paul:
lose Outlook Express and install something superior.



Like?



evolution or thunderbird.
Link Posted: 2/2/2006 8:00:31 PM EDT

Originally Posted By bastiat:

Originally Posted By blacklisted:
I don't use antivirus software. I have never had a computer virus that I didnt' intentionally install on a computer.

Just follow "safe browsing practices" and you will never have a problem.



brilliant advice.




Yes, it is.
Link Posted: 2/2/2006 8:13:51 PM EDT
[Last Edit: 2/2/2006 8:16:29 PM EDT by JohnTheTexican]

Originally Posted By blacklisted:

Originally Posted By bastiat:

Originally Posted By blacklisted:
I don't use antivirus software. I have never had a computer virus that I didnt' intentionally install on a computer.

Just follow "safe browsing practices" and you will never have a problem.



brilliant advice.




Yes, it is.



It's such a fine line between stupid and clever.
--David St. Hubbins & Derek Smalls
Link Posted: 2/2/2006 8:20:48 PM EDT

Originally Posted By blacklisted:

Originally Posted By bastiat:

Originally Posted By blacklisted:
I don't use antivirus software. I have never had a computer virus that I didnt' intentionally install on a computer.

Just follow "safe browsing practices" and you will never have a problem.



brilliant advice.




Yes, it is.



no it's not.

en.wikipedia.org/wiki/Sasser_%28computer_worm%29


Sasser spreads by exploiting the system through a vulnerable network port. Thus it is particularly potent in that it can spread without the help of the user...
Link Posted: 2/2/2006 8:21:40 PM EDT
just turn your computer off every 3rd.

don't turn in on till the next day
Link Posted: 2/2/2006 8:23:04 PM EDT
Link Posted: 2/2/2006 8:25:13 PM EDT

Originally Posted By g3shooter:
Whoever creates a worm should have their nads cut off via blowtorch.



+1000
Link Posted: 2/2/2006 8:25:55 PM EDT

Originally Posted By g3shooter:
Whoever creates a worm should have their nads cut off via blowtorch.



+1000
Top Top