Rosco Posted January 30, 2006 Report Posted January 30, 2006 I'm sure none of us would click on these attachments but just in case... Countdown for nasty Windows virus PC users have been urged to scan their computers before 3 February to avoid falling victim to a destructive virus. On that date the Nyxem virus is set to delete Word, Powerpoint, Excel and Acrobat files on infected machines. Nyxem is thought to have caught out many people by promising porn to those who open the attachments on e-mail messages carrying the virus. Anti-virus companies have stopped lots of copies, suggesting it had infected a large number of computers. Porn peril The Nyxem-E Windows virus first emerged on 16 January and has been steadily racking up victims ever since. Nyxem-E is also known as the Blackmal, MyWife, Kama Sutra, Grew and CME-24 virus. Helpfully, the virus reports every fresh infection back to an associated website which displays the total via a counter. Late last week the counter was reporting millions of infections, but detective work by security firm Lurhq found that many of these reports were bogus. However, Lurhq reported that more than 300,000 machines are known to have fallen victim to Nyxem-E. Like many recent viruses, Nyxem tries to spread by making people open attachments on e-mail messages that are infected with the destructive code. The subject lines and body text of the various messages Nyxem uses vary, but many falsely claim that pornographic videos and pictures are in the attachments. On infected machines the virus raids address books to find e-mail addresses to send itself to. The virus also tries to spread by searching for machines on the same local network as any computer it has compromised. Unlike many recent viruses Nyxem is set to overwrite 11 different types of file on infected machines on the third of every month. The list of files to be over-written includes the most widely used sorts of formats. Separately, the virus also tries to disable anti-virus software to stop it updating and can also disable the mouse and keyboard on infected machines. Users were being urged to update anti-virus software and to scan their system to ensure they had not been caught out. Many anti-virus firms have also produced tools that help clean up infected systems. Jason Steer, technical consultant at mail filtering firm Ironport, said Nyxem was a throwback to the types of viruses that used to circulate in the early days of computer networks. "If you go back 10-15 years ago viruses tended to quite malicious," he said. "They were going to re-format your hard disk, delete files and so on." Pete Simpson, threat lab manager at security firm Clearswift, said: "It's a bit puzzling because script kiddies have largely left the scene. "It shows a certain intelligence in its design but what's the motive?" he asked, "Pure vandalism does not ring true these days." Both Mr Steer and Mr Simpson feared that home users would be hardest hit by Nyxem on 3 February. Most businesses, they said, now have regularly updated anti-virus systems in place and disinfect e-mail traffic before it reaches users' desktops. By contrast many home users did not regularly patch Windows, update anti-virus or perform full system scans to ensure their machine stays clean. Users were also encouraged to make regular back-ups of any files they want to preserve. SAMPLE SUBJECT LINES Fw: Funny Fw: Picturs *Hot Movie* Fw: SeX.mpg Re: Sex Video Miss Lebanon 2006 School girl fantasies gone bad NYXEM FILE TARGETS DMP - Oracle files DOC - Word document MDB - Microsoft Access MDE - Microsoft Access/Office PDF - Adobe Acrobat PPS - PowerPoint slideshow PPT - PowerPoint PSD - Photoshop RAR - Compressed archive XLS - Excel spreadsheet ZIP - Compressed file http://news.bbc.co.uk/1/hi/technology/4661582.stm Quote
Dan Gould Posted January 30, 2006 Report Posted January 30, 2006 Thank heavens I don't click on attachments in my porn spam. I just follow the links. Quote
Jim Alfredson Posted January 30, 2006 Report Posted January 30, 2006 Thank heavens I don't open anything from anyone I'm not expecting to send an attachment, because that's STUPID. Quote
Claude Posted January 30, 2006 Report Posted January 30, 2006 (edited) Thank heavens I don't open anything from anyone I'm not expecting to send an attachment, because that's STUPID. Some virus emails sent to my office address are clever enough to use an existing email address from the same administration in the "From" field (which can be edited at will and is not a proof of the origin). In those cases I was only able to detect the scam because the text was in english (we mostly use french here) and was suspiciously generic (Subject: "Important document" Email text: "Please read attached document and send comments ASAP"). Edited January 30, 2006 by Claude Quote
Mr. Gone Posted January 30, 2006 Report Posted January 30, 2006 Three replies already and no "glad I use Linux/Apple"?! Quote
Mr. Gone Posted January 30, 2006 Report Posted January 30, 2006 Any Linux user here? Linux and Windows. Quote
Uncle Skid Posted January 30, 2006 Report Posted January 30, 2006 Any Linux user here? Debian "Testing" (etch) -- email client is Evolution w/spam assassin. Quote
_forumlogo.png.a607ef20a6e0c299ab2aa6443aa1f32e.png)
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.