The mass-mailing Blackmal.E virus has spread to more than 300,000 machines, far fewer than the 9 million hits indicated by a Web counter used by the program, according to an analysis of the data retrieved from the affected Internet service provider.
"Even so, 300,000 infected users worldwide is not a terribly large amount when compared to previous worms like Sober or MyDoom," Lurhq stated in its analysis. "However, with this worm it isn't the quantity of infected users, it is the destructive payload which is most concerning."
Computers that remain infected on February 3 will have eleven types of data deleted from the hard drive, including any Word, Excel, PowerPoint or PDF documents. A similar threat posed by the Sober virus largely failed to happen. Because the Blackmal virus does not rely on external Web sites, however, it is unlikely to be hobbled as easily.
Description:
W32.Blackmal.E@mm attempts to propagate over network shares with unsecured privileges and disables security software.
W32.Blackmal.E@mm may attempt to display an icon in the Windows taskbar with the text:
Update Please wait
Technical Name:
W32.Blackmal.E@mm
Aliases: CME-24, Win32.Blackmal.F, Worm.Win32.Nyxem.e, W32/MyWife.d@MM, W32/MyWife.d@MM!M24, W32/Small.KI@mm, Tearec.A, W32/Nyxem-D, WORM_GREW.{A, B}
Threat Level: Medium
Type: Worm
Systems Affected: Windows All
Detection Date: January 17, 2006
REMOVAL TOOL:
A W32.Blackmal.E@mm removal tool is available to clean infections. Use this removal tool first, as it is the easiest way to remove this threat.
Note: The threat targets AV products, so if any of the targeted files have been deleted, the AV product may need to be reinstalled after using the removal tool.





