BUSINESS

Kama Sutra keeps CERT on its toes

Source:PTI
February 03, 2006

The dreaded mass-mailing worm expected to strike computers across the world today has kept the Indian Computer Emergency Response Team, set up by the Department of Information Technology, on its toes.

Since Friday morning the response team is being flooded with calls seeking information on the virus and protection to be taken against it, but no actual cases of infection have been so far reported.

"The mass mailing worm called Nyxem with aliases such as Kama Sutra, Blackmal, MyWife, Grew and its variants are spreading very fast infecting large number of computers running Microsoft Windows," CERT said.

The destructive payload of this worm activates on every third day of the month and it is expected to strike for the first time today, on February 3, 2006.

The worm is activated when an infected mail is opened. After the strike, it deletes the Microsoft and Adobe files. It also sends itself to the addresses in the mail book of the infected computer.

The file formats that are infected the most are DOC, XLS, MDB, MDE, PPT, PPS, ZIP, RAR, PDF, PSD and DMP. While the well- known e-mail service providers have an updated anti-virus software to take care of the worm, the internal e-mail systems of organisations that did not have effective anti-virus systems, were at risk, CERT said.

It has advised computer users to update anti-virus software regularly, block emails with the subjects and attachments mentioned above at the email gateway level, exercise caution while opening email attachments, block unknown file types at the email gateway, backup all important data files and apply appropriate security updates at OS and application level.

Meanwhile, in a media note Gulshan Rai, Director, Indian Computer Emergency Response Team (CERT In), says:

To detect and protect your data from the Win32/Mywife.e@mm, also known as Black Worm or Kama Sutra worm, Indian Computer Emergency Response Team (CERT In) advises all users to visit the Protect Your PC Web site (www.protectyourpc.com).

CERT In has also advised all computer users to use caution with unknown file attachments to follow the guidelines of allowing a firewall, getting software updates, and installing anti-virus software at http://www.cert-in.org.in/virus/nyxem_e-worm.htm.

Win32/Mywife.e@mm is a mass-mailing network worm that targets certain software. The worm spreads through e-mail attachments and shared network drives. It is expected to corrupt the content of specific files on the third day of every month, starting February 3, 2006.

As with all currently known variant of the Mywife malware, this variant does not exploit any secutrity vulnerability, but is dependent on the user opening an infected file attachment. The virus has been accorded a medium rating in terms of transmission and moderate rating for recovery. However, it does not have a high damage rating.

Additionally, Microsoft also provides tools for detection of and protection from the worm and its variants at its Windows_OneCare_LiveBeta (www.windowsonecare.com).

Source: PTI
© Copyright 2024 PTI. All rights reserved. Republication or redistribution of PTI content, including by framing or similar means, is expressly prohibited without the prior written consent.

NEXT ARTICLE

NewsBusinessMoviesSportsCricketGet AheadDiscussionLabsMyPageVideosCompany Email