Blackworm Virus :: Impact date Feb 3, 2006?

Started by Jason, February 01, 2006, 09:08:15 AM

Previous topic - Next topic

0 Members and 1 Guest are viewing this topic.

Print
Go Down Pages1
User actions

Jason

February 01, 2006, 09:08:15 AM
This could be interesting to watch unfold this Friday....

Make sure you're protected!!

The "strike" could potentially be activated this Friday :  Feb 3, 2006.

http://www.internetnews.com/security/article.php/3580166
Quote
A virus referred to as "Blackworm" by some security vendors has apparently already infected more then 2 million systems. At least that's what the virus's own counter Web site is posting...

Blackworm will unleash its misery on the naïve, unsuspecting, insecure PC users of the world on Feb. 3, overwriting at least 11 different file types on users' computers.

Those file types include all .doc (Microsoft Word), .xls (Microsoft Excel), .ppt/.pps (Microsoft PowerPoint) and .pdf files, among others.

As with most modern viruses, the best defense is updated antivirus software. The catch with Blackworm, though, is that if you didn't update your antivirus software before getting infected, the worm may well have already disabled it.

More reputable docs:

Norton (Symantec) Virus Details:
http://symantec.com/avcenter/venc/data/w32.blackmal.e@mm.html

Internet Storm Center article:
http://isc.sans.org/diary.php?storyid=1067

eWeek.com article:
http://www.eweek.com/article2/0,1895,1915070,00.asp

I'm curious to see if it's a lot of hype or if it really causes the damage they're thinking it might.

Mark

#1
February 02, 2006, 11:34:29 AM
I'm going to have to go ahead and say that it's probably a bunch of hype. Who in there right mind would have a website setup to show off the damage done by a virus? Can't they get in a lot of trouble if it is real? The website would just make it easier to find the people responsible.

Jason

#2
February 02, 2006, 12:51:11 PM
That's what will make tomorrow all the more interesting!!

Especially moreso if people who are running AV software (and think they're protected) get a wakeup call.

Only time will tell...

Furthermore, I think it's set to activate on the 3rd of every month thereafter, so it could potentially be an ongoing issue.

Jason

#3
February 03, 2006, 10:23:25 PM
Well, it seems most sources are viewing this initial threat as a dud so far.

On a side note, there is a LONG article regarding this virus and the naming conventions used for viruses here:

http://blogs.washingtonpost.com/securityfix/2006/02/virus_naming_st.html

Note, if you're not into tech stuff, this is not worth your time :)  But if you're curious about the goverment's  intent to come up with a naming scheme, it's somewhat interesting.

I'm still going to follow this one.  It will still supposedly delete your files no matter when you get it on the 3rd of every month going forward.  Or so they say...

Details to come :)

Jason

#4
February 03, 2006, 10:26:17 PM
and here's more...

http://news.zdnet.com/2100-1009_22-6034706.html

Quote
The Kama Sutra worm, designed to begin deleting files on infected computers this morning, has caused virtually no damage, according to antivirus firms.

The worm, also known as Nyxem.E, MyWife and Blackworm, has been circulating for a couple of weeks, and antivirus vendors said businesses have done well to ensure that their networks were protected against the pest.

There have been "no reports of any (Kama Sutra) detonations so far. Also, the virus seems to be dropping in e-mail prevalence. It was down to second place yesterday, according to our monitoring stations, and slid again into third place today," Paul Ducklin, head of technology at Sophos Asia-Pacific, told ZDNet Australia.

Print
Go Up Pages1
User actions