By Rick Moy
Potentially Devastating Worm Also Known as Blackmal, Nyxem, Mywife, Kama Sutra, CME-24
Set to Activate on February 3
SAN DIEGO, Calif. –February 1, 2006 – ESET, a global provider of security software, today advised users to protect themselves from the Win32/VB.NEI worm. Also known as Blackmal, Nyxem, Mywife, or Kama Sutra, this worm has been given the Common Malware Enumerator number of CME-24 (http://cme.mitre.org/data/list.html#24) and will activate on February 3, 2006, destroying several types of data files.
Win32/VB.NEI is a typical mass-mailing email worm which generally relies on users to click on an attachment to execute. It also attempts to spread via network shares. The worm is compressed down to 95,690 bytes using the UPX runtime executable packer. On the third day of every month, starting on February 3, 2006, Win32/VB.NEI will attempt to overwrite popular security applications along with files that have any of the following extensions:
• Microsoft Files- .doc, .xls, .mdb, mde, .ppt, .pps
• Archive Files- .zip, .rar
• Adobe Acrobat or Photoshop files- .pdf, .psd
For a complete description of the Win32/VB.NEI worm, please refer to our website at: http://eset.com/msgs/vbnei.htm.
Computers without adequate protection from the Win32/VB.NEI worm could suffer devastating data loss. ESET recommends that organizations and individuals follow three safe practices.
1. Avoid social engineering tricks – Do not click on email attachments or links in emails. Verify
Continue reading "ESET Advises Precautions Against Win32/VB.NEI Worm"
Posted by Spencer Cuffe
in Virus & AntiVirus News
at
14:37
