Put a condom on your computer tonight.........

Site Notices

[ARCHIVED THREAD] - Put a condom on your computer tonight.........

Posted: 2/2/2006 6:42:45 PM EDT

...probably a dupe, but I have been on the road for the past couple of days........

www.informationweek.com/news/showArticle.jhtml?articleID=178601098

Countdown On For Kama Sutra

Starting Friday, Feb. 3, the worm will begin corrupting 11 different file formats by overwriting those documents and files with a mindless string of text.

By Gregg Keizer, TechWeb News
Feb. 2, 2006
URL: http://www.informationweek.com/story/showArticle.jhtml?articleID=178601098

As the clock continues to tick toward the anticipated destruction of Microsoft Office documents, Adobe files, and backup archives, security companies on Thursday posted their latest research and advice on the Kama Sutra worm.

Also known as Blackworm, Blackmal, MyWife, and Nyxem, the worm has been active for about three weeks. It's a throw-back, designed not to simply hijack a PC or steal confidential information, but to destroy data. Starting Friday, Feb. 3, it will begin corrupting 11 different file formats by overwriting those documents and files with a mindless string of text.

Chicago-based LURHQ revisited its data, and now puts the estimate of Kama Sutra-infected systems at twice its earlier guess. "Based on the more recent logs plus different methodology, we believe the total number of users infected worldwide is actually closer to 600,000," said the company in a Web site posting.

Helsinki, Finland-based F-Secure, meanwhile, said Thursday that although the worm is supposed to ruin files on any network drives connected to an infected machine, its tests weren't able to duplicate that behavior.

"In practice, the worm failed to [damage files] on network drives, at least in our test environment. Files on local and removable drives (including USB memory) were damaged by the payload," the company noted in an online alert.

A researcher at the Internet Storm Center (ISC) confirmed the finding in independent tests. "At this point, I do not believe that the destructive payload will occur via shares and/or mapped drives," concluded ISC's Lorna Hutcheson.

Microsoft chimed in with an updated security advisory, originally released Monday, that now tells enterprise users a blank log-in password may protect them from the worm spreading throughout the network.

"In an environment where you can guarantee physical security, you do not need to use the account across the network, and you are using Windows XP or Windows Server 2003, a blank password is better than a weak password," the advisory now reads. Blank passwords, Microsoft added, can be used locally in Windows XP (SP1 and SP2), Windows Server 2003, and Windows Server 2003 SP1. "If the account password is blank, the account is not valid as a network credential," the advisory states.

But it was U.K.-based Sophos that had the smartest advice Thursday: Don't panic.

"Sit down, have a cup of tea, and work out if you have done everything you should have done to ensure your computer isn't at risk from the Nyxem worm, and indeed any of the other 120,000 pieces of malware in existence," said Graham Cluley, senior technology consultant at Sophos, in a statement.

news.independent.co.uk/world/science_technology/article342871.ece

Kama Sutra e-mail virus primed to strike today
By Martin Hickman, Consumer Affairs Correspondent
Published: 03 February 2006

Important information stored on home computers could be wiped clean by an e-mail virus called Kama Sutra that is timed to strike today.

Computer engineers say the virus has been infecting hundreds of thousands of machines across the world since being identified on 16 January. It is being circulated as a pornographic attachment to e-mails and spreads by e-mailing itself to other addresses from an infected computer. On the third day of every month it deletes files.

The virus targets computers using Microsoft Windows but, unlike many other recent viruses, deletes many popular types of file, including spreadsheets and presentations.

A website associated with the virus estimated it has now reached more than 300,000 victims. Its impact is likely to be greatest on home computers because most businesses have current anti-virus protection.

The virus got its name because some of its variations refer to the Kama Sutra guide to sexual positions but is also known as "Nyxem-E, Grew.A", "MyWife" or "BlackWorm". It appears as an e-mail with subject lines such as "Hot Movie" or "Miss Lebanon 2006".

Affected files include Oracle, Word, Adobe Acrobat, Photshop, Excel and PowerPoint. Because so many of the applications are used in offices, experts believe the virus may be aimed at businesses.

Ken Dunham, from the US internet security firm VeriSign, said: "This attack is under way and will be activated unless people get virus removal tools.

"If you have opened an e-mail and your computer froze up, you should be very concerned."

Important information stored on home computers could be wiped clean by an e-mail virus called Kama Sutra that is timed to strike today.

Computer engineers say the virus has been infecting hundreds of thousands of machines across the world since being identified on 16 January. It is being circulated as a pornographic attachment to e-mails and spreads by e-mailing itself to other addresses from an infected computer. On the third day of every month it deletes files.

The virus targets computers using Microsoft Windows but, unlike many other recent viruses, deletes many popular types of file, including spreadsheets and presentations.

A website associated with the virus estimated it has now reached more than 300,000 victims. Its impact is likely to be greatest on home computers because most businesses have current anti-virus protection.

The virus got its name because some of its variations refer to the Kama Sutra guide to sexual positions but is also known as "Nyxem-E, Grew.A", "MyWife" or "BlackWorm". It appears as an e-mail with subject lines such as "Hot Movie" or "Miss Lebanon 2006".

Affected files include Oracle, Word, Adobe Acrobat, Photshop, Excel and PowerPoint. Because so many of the applications are used in offices, experts believe the virus may be aimed at businesses.

Ken Dunham, from the US internet security firm VeriSign, said: "This attack is under way and will be activated unless people get virus removal tools.

"If you have opened an e-mail and your computer froze up, you should be very concerned."

Posted: 2/2/2006 6:46:39 PM EDT

[#1]

I don't use antivirus software. I have never had a computer virus that I didnt' intentionally install on a computer.

Just follow "safe browsing practices" and you will never have a problem.

Posted: 2/2/2006 6:49:07 PM EDT

[#2]

Quoted:
Just follow "safe browsing practices" and you will never have a problem.

THAT will be the exact reason why many people, including a lot of ARFcommers, will wake up to a major problem tomorrow. Ironically, it is also the same reason why a lot of them are also blind.

Posted: 2/2/2006 6:50:58 PM EDT

[#3]

If it is a dupe, and I not saying it is, then I still wouldn't say D@P%.

notadupe

Posted: 2/2/2006 6:51:25 PM EDT

[#4]

As thus is why you have a backup drive, even with security software installed, can be turned off just in case.

Posted: 2/2/2006 6:52:04 PM EDT

[#5]

Quoted:
I don't use antivirus software. I have never had a computer virus that I didnt' intentionally install on a computer.

Just follow "safe browsing practices" and you will never have a problem.

brilliant advice.

Posted: 2/2/2006 6:52:19 PM EDT

[#6]

Quoted:
Quoted:
Just follow "safe browsing practices" and you will never have a problem.

THAT will be the exact reason why many people, including a lot of ARFcommers, will wake up to a major problem tomorrow. Ironically, it is also the same reason why a lot of them are also blind.

Yep, i have been pretty lucky over the years, but I have been hit before myself.

Posted: 2/2/2006 6:55:05 PM EDT

[#7]

Whoever creates a worm should have their nads cut off via blowtorch.

Posted: 2/2/2006 6:55:15 PM EDT

[#8]

slackware.

I can't install viruses without setting up WINE.

Posted: 2/2/2006 6:56:29 PM EDT

[#9]

I read that it's only released if you open an attatchment from an email. Am I correct to assume that if I don't open an unknown attatchment I should be OK?

Posted: 2/2/2006 7:02:38 PM EDT

[#10]

Quoted:
I read that it's only released if you open an attatchment from an email. Am I correct to assume that if I don't open an unknown attatchment I should be OK?

Thats how most viruses work, others target your email programs like outlook.

I can't believe the number of idiots that open attached files they know nothing about.

Use a web based email system.

Don't open attachments.

You will not get a virus.

Posted: 2/2/2006 7:06:05 PM EDT

[#11]

Quoted:
I can't believe the number of idiots that open attached files they know nothing about.

Oh please, 80% of all guys here would probably open up an attachment which said "BOTD" or "Beautiful Sweater Puppies"

Posted: 2/2/2006 7:06:06 PM EDT

[#12]

Well, is there some online thingy to check if I have it and remove it?

Posted: 2/2/2006 7:06:09 PM EDT

[#13]

.

Posted: 2/2/2006 7:09:18 PM EDT

[#14]

The Worms are created by the People that sell the software to kill them!!

Bob

Posted: 2/2/2006 7:13:20 PM EDT

[#15]

My computer had a virus a while back, it still acts up even after the repair. Now I have an EL PRIMO Anti-Virus program.

I better make sure its updated

Posted: 2/2/2006 7:15:29 PM EDT

[#16]

~~securityresponse.symantec.com/avcenter/venc/data/w32.kiman.removal.tool.html~~

edit, this one: securityresponse.symantec.com/avcenter/venc/data/[email protected]

USE THIS TO FIND AND REMOVE THE VIRUS

Posted: 2/2/2006 7:23:10 PM EDT

[#17]

Quoted:
Well, is there some online thingy to check if I have it and remove it?

HouseCall is a good free online virus scanner/remover.

Posted: 2/2/2006 7:26:00 PM EDT

[#18]

AVG Free Edition

Posted: 2/2/2006 7:27:09 PM EDT

[#19]

Don't open attachments.

You will not get a virus.

Not quite true. There have been several viruses with Outhouse Express where you don't even have to open the attachment to get Microsoft to install the virus. As I understand it, several of those backdoors were eventually closed by Microsoft, but if several existed, then it stands to reason that there may be more. In a single day, half the Windows computers here were infected. These were on systems where none of the users click on attachments since there's no reason for any of them to ever receive a file from the outside world.z

Posted: 2/2/2006 7:28:05 PM EDT

[#20]

The major anti-virus scanners have been updated since 1-23 to catch this worm.

Once the foolish computer user installs the worm it phones home to a known web site to download more code. The ISPs in England found computers that had connected to the hacker's web site and notified them of thier impending doom. US ISPs have taken the course to just ignore the ability to warn the infected.

I too haven't had a virus that I didn't install on my computer myself since the DOS 3.0 days. Use an anti-virus, don't open attachments and lose Outlook Express and install something superior.

Posted: 2/2/2006 7:29:01 PM EDT

[#21]

Quoted:
lose Outlook Express and install something superior.

Like?

Posted: 2/2/2006 7:33:01 PM EDT

[#22]

Quoted:
Quoted:
I read that it's only released if you open an attatchment from an email. Am I correct to assume that if I don't open an unknown attatchment I should be OK?

Thats how most viruses work, others target your email programs like outlook.

I can't believe the number of idiots that open attached files they know nothing about.

Use a web based email system.

Don't open attachments.

You will not get a virus.

OK cool. I don't even open email from anyone unless they're in my address book let alone open an unknown attatchment. My ISP seems to have a pretty good virus scan as well so I think I'll be OK. Thanks for the clarification.

Posted: 2/2/2006 7:34:34 PM EDT

[#23]

Tomorrws gonna suck at work

Posted: 2/2/2006 7:42:31 PM EDT

[#24]

Not worried here. Our corporate Anti-Virus is also licensed to employees at home. It has had definitions out for this bug since mid-January. All of the systems I manage (and my home ones as well) are up to date within 60 minutes of a new definition being released and the systems are scanned daily.

Posted: 2/2/2006 7:48:34 PM EDT

[#25]

Quoted:
Quoted:
lose Outlook Express and install something superior.

Like?

evolution or thunderbird.

Posted: 2/2/2006 8:00:31 PM EDT

[#26]

Quoted:
Quoted:
I don't use antivirus software. I have never had a computer virus that I didnt' intentionally install on a computer.

Just follow "safe browsing practices" and you will never have a problem.

brilliant advice.

Yes, it is.

Posted: 2/2/2006 8:13:51 PM EDT

[#27]

Quoted:
Quoted:
Quoted:
I don't use antivirus software. I have never had a computer virus that I didnt' intentionally install on a computer.

Just follow "safe browsing practices" and you will never have a problem.

brilliant advice.

Yes, it is.

It's such a fine line between stupid and clever.
--David St. Hubbins & Derek Smalls

Posted: 2/2/2006 8:20:48 PM EDT

[#28]

Quoted:
Quoted:
Quoted:
I don't use antivirus software. I have never had a computer virus that I didnt' intentionally install on a computer.

Just follow "safe browsing practices" and you will never have a problem.

brilliant advice.

Yes, it is.

no it's not.

en.wikipedia.org/wiki/Sasser_%28computer_worm%29

Sasser spreads by exploiting the system through a vulnerable network port. Thus it is particularly potent in that it can spread without the help of the user...