Most of you will have noticed in the last few days at least
that the Kama Sutra worm (AKA Nyxem-E or Blackmal) has been hyped as the first big security threat
of 2006. The worm, as with all other
worms will try to spread itself by scanning an infected users contacts and
mailing itself out to them, it also spreads itself across unsecured shares and
tries to disable firewall/anti-virus products.
Pretty standard stuffthe worm destroys DOC, XLS, MDB, MDE, PPT, PPS,
ZIP, RAR, PDF, PSD and DMP files on the 3rd of each month by
replacing any data with the string DATA
Error [47 0F 94 93 F4 K5].
Due to the fact that we have quite a few roaming users, moving between
multiple international offices, hotels and so on, I was expecting to have at
least one or two infected users.
We actually had no reported infections or any strange
behaviour; is all of this talk simply scaremongering on the part of anti-virus
firms? Has anyone had problems with this
worm, or any similarly hyped outbreaks?