If you have computer files you'd rather not lose, now is a good time to make sure your anti-virus software is up to date. A worm set to activate Friday will corrupt documents using the most common file types, including ".doc," ".pdf," and ".zip."
Hundreds of thousands of machines are believed to be infected, mostly in India, Peru, Turkey and Italy, said Mikko Hypponen, chief research officer for Finnish security company F-Secure Corp.
The worm, known as "CME-24," "BlackWorm," "Mywife.E" or a number of other monikers, even tries to disable anti-virus software that is out of date, he said.
Thus, users should make sure their software is turned on and has the latest definitions, generally available for free from the software vendor's Web site. F-Secure also has created a free removal tool.
"If you are infected, and you find out about it today, you still have time to get rid of the virus," Hypponen said.
As worms go, the spread of BlackWorm is relatively low. But worms these days are generally designed to help spammers and hackers carry out attacks, not to destroy files as this one does. So the impact this time may be more severe.
Microsoft Corp. issued an advisory Tuesday warning customers about the worm, which affects most versions of its Windows operating system. (MSNBC.com is a Microsoft - NBC joint venture.)
Users should be safe if they have the latest anti-virus software or if their computers are set with limited privileges, a common setting in larger organizations. They are vulnerable if they, like many small business and home users, leave their computers set with full administrative rights.
And users should check the date on the computer. The worm hits the third of every month, so if the computer's local calendar settings are off, Hypponen said, files may be destroyed sooner or later, even if the computer is never turned on Friday.
File-destroying worm set to activate Friday
Moderator: S2k Moderators
-
TexasStooge
- Category 5
- Posts: 38127
- Joined: Tue Mar 25, 2003 1:22 pm
- Location: Irving (Dallas County), TX
- Contact:
Thanks for the heads up.-
TexasStooge
- Category 5
- Posts: 38127
- Joined: Tue Mar 25, 2003 1:22 pm
- Location: Irving (Dallas County), TX
- Contact:
File-destroying worm causes little damage
Associated Press
A file-destroying computer worm set to activate Friday caused relatively little damage in Asia and Europe, although one Italian city shut down computers as a precaution.
Hundreds of thousands of computers were believed to be infected, but many companies and individuals had time to clean up their machines this week after security vendors and media outlets warned of the "Kama Sutra" worm.
"It's been pretty quiet," said Mikko Hypponen, chief research officer for Finnish security company F-Secure Corp. "We know the word is out there."
In Milan, Italy, technicians switched off more than 10,000 computers after discovering the infection Thursday and deciding they didn't have enough time to clean the machines.
"It has spread to all our computers," said Giancarlo Martella, Milan's councilman for technological innovation and public services. "Knowing how destructive it is, we turned off all personal computers to avoid losing our data."
Only the municipality's registry office had been kept open because its "passive terminals" don't store data, Martella said, adding he hoped the computers would return to normal by Monday.
Experts had warned earlier that the worm, also known as "CME-24," "BlackWorm," or "Mywife.E," could corrupt documents using the most common file types, including ".doc," ".pdf," and ".zip." It affects most versions of Microsoft Corp.'s Windows operating system, prompting the software giant to issue a warning Tuesday.
Security vendors Trend Micro Inc. and CA Inc. both assessed the overall risk and distribution as low. The worm wasn't expected to spread any more quickly Friday. Rather, Friday was the first trigger date for the file-destroying code.
"It's well past the deadline but we haven't confirmed any cases of the Kama Sutra in Japan, which suggests we're not looking at a major outbreak," said Itsuro Nishimoto, an executive at Tokyo-based computer security company LAC Corp.
A manager at Hong Kong's official coordination center for computer emergencies said he had not received any reports or calls for help from those infected by the worm.
"It began spreading late last month but we haven't received any calls in the past two weeks," Roy Ko said. "We don't expect to receive any today, either."
Ajit Pillai, India's manager for U.S. security firm Watchguard Technologies Inc., said about 10 percent of his customers in the country had the worm, but they "followed the remedies and managed to avoid any problem."
"We didn't have to do any firefighting today," Pillai said.
Unlike other worms generally designed to help spammers and hackers carry out attacks, Kama Sutra could inflict more damage because it sets out to destroy documents.
"This virus is nowhere near as widespread as some of the (recent virus) cases," Hypponen said. "The reason it's talked about is because it's more destructive."
He said damage is high among those hit, but many businesses should already be protected by antivirus software. Home users and smaller companies without the latest software updates may be more vulnerable.
Associated Press
A file-destroying computer worm set to activate Friday caused relatively little damage in Asia and Europe, although one Italian city shut down computers as a precaution.
Hundreds of thousands of computers were believed to be infected, but many companies and individuals had time to clean up their machines this week after security vendors and media outlets warned of the "Kama Sutra" worm.
"It's been pretty quiet," said Mikko Hypponen, chief research officer for Finnish security company F-Secure Corp. "We know the word is out there."
In Milan, Italy, technicians switched off more than 10,000 computers after discovering the infection Thursday and deciding they didn't have enough time to clean the machines.
"It has spread to all our computers," said Giancarlo Martella, Milan's councilman for technological innovation and public services. "Knowing how destructive it is, we turned off all personal computers to avoid losing our data."
Only the municipality's registry office had been kept open because its "passive terminals" don't store data, Martella said, adding he hoped the computers would return to normal by Monday.
Experts had warned earlier that the worm, also known as "CME-24," "BlackWorm," or "Mywife.E," could corrupt documents using the most common file types, including ".doc," ".pdf," and ".zip." It affects most versions of Microsoft Corp.'s Windows operating system, prompting the software giant to issue a warning Tuesday.
Security vendors Trend Micro Inc. and CA Inc. both assessed the overall risk and distribution as low. The worm wasn't expected to spread any more quickly Friday. Rather, Friday was the first trigger date for the file-destroying code.
"It's well past the deadline but we haven't confirmed any cases of the Kama Sutra in Japan, which suggests we're not looking at a major outbreak," said Itsuro Nishimoto, an executive at Tokyo-based computer security company LAC Corp.
A manager at Hong Kong's official coordination center for computer emergencies said he had not received any reports or calls for help from those infected by the worm.
"It began spreading late last month but we haven't received any calls in the past two weeks," Roy Ko said. "We don't expect to receive any today, either."
Ajit Pillai, India's manager for U.S. security firm Watchguard Technologies Inc., said about 10 percent of his customers in the country had the worm, but they "followed the remedies and managed to avoid any problem."
"We didn't have to do any firefighting today," Pillai said.
Unlike other worms generally designed to help spammers and hackers carry out attacks, Kama Sutra could inflict more damage because it sets out to destroy documents.
"This virus is nowhere near as widespread as some of the (recent virus) cases," Hypponen said. "The reason it's talked about is because it's more destructive."
He said damage is high among those hit, but many businesses should already be protected by antivirus software. Home users and smaller companies without the latest software updates may be more vulnerable.
0 likes
Who is online
Users browsing this forum: No registered users and 4 guests