Help
This post has been edited by quietman7: 18 January 2006 - 07:56 AM
Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.
Page 1 of 1
New Email-worm.win32.vb.bi Spreading
Back to top
#2
- Bleepin' Janitor
-
- Group: Global Moderator
- Posts: 25,113
- Joined: 09-July 05
- Location:Virginia, USA
Posted 21 January 2006 - 08:21 AM
Quote
Friday, January 20, 2006
A new email worm Nyxem.E is picking up. We are seeing more reports of it. FSAV detects it with update version 2006-01-20_01 published early this morning.
We upgraded Nyxem.E to Radar level 2 due to the increased number of reports.
The worm's destructive payload activates on every third day of the month by replacing the content of user's files with a text string "DATA Error [47 0F 94 93 F4 K5]". Among these files are: DOC, XLS, MDB,
MDE, PPT, PPS, ZIP, RAR, PDF, PSD and DMP.
A new email worm Nyxem.E is picking up. We are seeing more reports of it. FSAV detects it with update version 2006-01-20_01 published early this morning.
We upgraded Nyxem.E to Radar level 2 due to the increased number of reports.
The worm's destructive payload activates on every third day of the month by replacing the content of user's files with a text string "DATA Error [47 0F 94 93 F4 K5]". Among these files are: DOC, XLS, MDB,
MDE, PPT, PPS, ZIP, RAR, PDF, PSD and DMP.
f-secure.com/weblog
Nyxem.E Info page
Microsoft MVP - Consumer Security 2007-2012 
Member of UNITE, Unified Network of Instructors and Trusted Eliminators
Member of UNITE, Unified Network of Instructors and Trusted Eliminators
#3
- Bleepin' Janitor
-
- Group: Global Moderator
- Posts: 25,113
- Joined: 09-July 05
- Location:Virginia, USA
Posted 23 January 2006 - 09:54 AM
Quote
The web counter used by the Nyxem worm now shows over 510,000 infections and keeps rising...If the worm keeps this pace, Friday the 3rd of February might be nasty - that's when the destructive payload is programmed to strike for the first time.
f-secure.com/weblog/archives
Microsoft MVP - Consumer Security 2007-2012
Member of UNITE, Unified Network of Instructors and Trusted Eliminators
Member of UNITE, Unified Network of Instructors and Trusted Eliminators
Share this topic:
Page 1 of 1