 | « Back to article | Print this article |
First the bad news. There's a worm that will challenge your security software on Friday. Executed on the third day of every month, it will attempt to overwrite user files such as Microsoft Office and PDF documents. The good news is that it's not as harmful as made out to be.
Antivirus vendors, it appears, can't agree on the worm's technical name: F-Secure calls it VB.bi, Symantec calls it W32.Blackmal.E@mm, McAfee calls it w32/mywife.d@mm, and Sophos calls it W32/Nyxem-D.
Called "Kama Sutra" for want of a better name, users are more likely to be embarrassed when infected (rather than devastated) since they will need to tell their co-workers (males and females) that they fell for porn stuff.
Well, this is how this worm works. It arrives as a malicious e-mail that could contain a variety of different subjects and message bodies, invariably with some sort of smut (you can check out McAfee's alert for a complete list).
The worm also uses different attachment names and extensions. If you run Kama Sutra's malicious attachment, it attacks and kills your security software, adds a bunch of shady executable files to your computer, and sends itself to all your friends and contacts. Imagine your boss getting it!
You can easily avoid this worm by not opening unsolicited e-mail attachments and updating your antivirus definition files. And don't open e-mail porn! WatchGuard Technologies said users of its antivirus solutions have "Zero-Day protection from the so-called Kama Sutra worm".
Unmesh Deshmuk, country sales manager, Enterprise Security, Symantec, says: "There's definitely a threat from this worm. However, it's not as bad as it's made out to be. It will at most, disable a few elements of the security system. The worm has the ability to replicate and send itself to addresses from you contact list. Major corporates generally have multiple layers of security which includes a firewall and IDS (Intrusion Detection System). The integrated security system will help them avert any disaster."
Symantec has rated the threat as a Category 2 threat on a scale of 1 to 5 with 5 being the most severe.
