posted on February 2, 2006 01:47:08 PM
Maybe you all know this already? Our server-guru told me today that he was up all night getting his systems ready for a big virus due tonight or tomorrow--one that will wipe out all data. I've updated my virus definitions with Norton and am doing a backup of everything. Just thought some of you would want to know. ~Adele
______________________________
posted on February 2, 2006 02:53:09 PM
I wonder what would happen if, to be on the safe side, we set our computer calendars to another date so it wouldn't ever be FEB 3 ?
Just in case others haven't heard of it, the virus is scheduled to wipe out all saved docs on the 3rd of every month.
-------------------------------------
posted on February 2, 2006 03:07:33 PM
Is this the virus I heard about on the news the other day that will be sent via email. If it is the simple sollution would be don't open any emails from someone you don't know.
They say your memory's the second thing to go, I just can't remember what the first thing is.
posted on February 2, 2006 04:03:19 PM
They just said on the news that you get it by opening X-rated stuff.
Guess some of you guys better be careful!!!!
Robin Arnfield, newsfactor.com 1 hour, 51 minutes ago
Microsoft has published a security advisory to warn Internet users about a worm that could destroy their documents on February 3.
ADVERTISEMENT
While other companies have identified the worm by several names -- including Kama Sutra, Blackworm, Nyxem-D, and W32.Blackmail.E -- the Redmond, Washington-based software firm is calling the worm Mywife, and has said that it is a variant of the Win32/Mywife.E@mm virus.
"The mass-mailing malware tries to entice users through social-engineering efforts into opening an attached file in an e-mail message," the Microsoft advisory states.
"If the recipient opens the file, the malware sends itself to all the contacts that are contained in the system's address book. The malware may also spread over writeable network shares on systems that have blank administrator passwords."
Purely Malicious
Microsoft is warning that on the third day of each month, starting February 3, the Mywife worm will attempt to destroy common document files. The advisory indicates that the malware also modifies or deletes files and registry keys associated with certain security-related applications.
"Unlike most viruses, which have some financial objective, such as stealing Internet-banking passwords or using the victim's PC to send spam, this worm is purely malicious," said David Perry, antivirus software firm Trend Micro's global director of education. "It is as if its creators just want people to sit up and take notice of them."
Perry said that Trend Micro's free virus-scanning service on its Web site -- used by those who do not have the company's security tools installed on their PCs -- had identified 26,000 computers that were corrupted with the Mywife worm, along with 184,000 infected files.
"Other antivirus vendors are reporting hundreds of thousands of computers infected with Mywife, and one security research firm, SANS Institute, is even claiming the number is over two million," Perry said.
Threat Assessment
Perry also said that, compared to recent outbreaks, Mywife is not a major threat. Stacey Quandt, Aberdeen Group's research director of security solutions and services, agreed.
"Since most businesses use antivirus software and understand the risk of clicking on a link in an e-mail, the threat that this worm poses is minimal," Quandt said. "However, the risk is certainly higher for any organization or consumer that does not currently use antivirus software or is not aware of the risks of executables in an e-mail."
"Will I be infected, or will someone in my organization be infected?" asked Russ Cooper, senior information analyst at security firm Cybertrust. "The simple fact is that, if you are infected with this one, you were probably infected with something else -- likely a Sober variant -- before. That's because there's nothing special about this one that we haven't been seeing in so many worms over the past 18 months."
Cooper said a user has to double-click on a .PIF, .SCR, or .ZIP file to get infected with the worm. "If .ZIP, then you have to further double-click on the .PIF or .SCR it contains," he said. "Further, for you to get infected, you have to have stopped your antivirus from running," Cooper said. "All antivirus applications have been detecting this since virtually the first day it was discovered."
They say your memory's the second thing to go, I just can't remember what the first thing is.
posted on February 2, 2006 04:45:02 PM
there is another virus,the bird flu -if it comes,you should have 5 weeks worth of canned and dry food,plenty of bleach and stay home .
/ lets all stop whining !! /
posted on February 2, 2006 05:24:08 PM
I'll tell you what would really do it to all of us: Develop a virus that picks up the e-mail address of a friend (in each of our computers) and puts its virus in a fake e-mail from that friend.
______________________________
posted on February 2, 2006 09:07:27 PM
Cash: REALLY? I guess I have the mind of a crook, then. I'd not heard of that one.
______________________________
posted on February 3, 2006 02:04:43 AM
FYI it's the 4th here and my PC is still working. Are you sure your facts are correct on the date the payload launches?
posted on February 3, 2006 03:18:42 AM
Yes - looks like you escaped it! Must not be looking at porn. Here's the skinny:
Worm set to delete data files on February 3
1/23/2006 9:33:27 AM, by Jeremy Reimer
Adblock
While the most high-profile security vulnerability of late was almost certainly the WMF hole recently patched by Microsoft, in terms of actual numbers of infections it was barely a blip on the radar. According to the anti-virus company F-Secure, one of the most populous and dangerous infections today is not some sophisticated bit of code exploiting a new and exotic security hole, but an old-school e-mail worm written in Visual Basic that spreads by tempting users with free pornography.
The worm, named Nyxem.E, was discovered on January 20. It spreads by convincing users to open an executable attachment in their e-mail, tempting them with subject lines such as "Arab sex DSC-00465.jpg," "Miss Lebanon 2006," or "School girl fantasies gone bad." The executable, when run, checks to see if there are any common anti-virus programs running, and if so disables them. It inserts itself into the Windows registry in the standard places such as Software\Microsoft\Windows\CurrentVersion\Run so that it will run on startup, then scans the users' hard drive for any e-mail addresses it can find to send itself off to the next victim. It also attempts to spread via network shares.
The payload, which is set to execute on the third day of every month and so will first deploy on February 3, does not render the user's computer inoperative, but instead destroys that user's data. All Word, Excel, Access, Powerpoint, Acrobat, Photoshop, and some other files including zipped archives are deleted and replaced with the text string "DATA Error [47 0F 94 93 F4 K5]." This could result in some embarrassingly short business presentations scheduled for the beginning of next month.
One interesting feature of the worm is that whenever it runs it opens a web browser and accesses a certain webpage, incrementing the hit counter on that site. This appears to be a crude method for the worm's authors to track the number of infections. F-Secure estimates the number of machines already infected to be around 510,000 machines as of Sunday night, and the worm was accounting for about 35 percent of malware traffic as of Monday morning.
It is somewhat interesting that in an age where spyware and malware are becoming more and more sophisticated and serious, that the first large-scale infection of the new year would be a crude VB e-mail worm, the sort that most people were supposedly trained to guard against ages ago. Outlook and Outlook Express were both patched several years ago to disallow the execution of e-mail attachments by default, and many ISPs strip out executable attachments, preventing them from ever appearing in the users' mailbox. Yet all the technological safeguards over the last few years appear to be no match for the power of social engineering.
-------------------------------------
posted on February 3, 2006 12:05:17 PM
Or I guess my m0nkey p0rn-free MacOS is immune to this virus. Yes, God still loves us 'primitives' using OSX 10.2.8 on an overclocked 1998 Mac
posted on February 3, 2006 03:59:29 PM
agitprop, don't you just hate that the Pee-See users get to have all the virus fun?
____________________________________________
posted on February 3, 2006 05:34:11 PM
They get 'em real cheap, and after all, it's what most people use, so it must be good, right?
____________________________________________
posted on February 3, 2006 06:01:54 PM
I don't get it. You can buy one of the older all in one iMacs for under $200 with shipping. Even if you just use it for ebay and email I would think that the lack of hassle and lack of worry over things like this would be well worth it.
Maybe they are just afraid they will realize they will have to admit that Mac addicts were right all along.
~~~ • ~~~ • ~~~ • ~~~ • ~~~
Never ask what sort if computer a guy drives. If he's a Mac user, he'll tell you. If he's not, why embarrass him? - Tom Clancy
posted on February 3, 2006 06:45:32 PM
My theory is that:
- People's offices have PCs rather than Macs because nobody ever got fired for specifying Windows, even when it was the wrong choice. The only exception I ever saw to this was in advertising/graphics/etc., where the situation was the reverse.
- People's homes have PCs rather than Macs because they want compatibility with their office (which is a polite way of saying that they steal software to use at home)
Until recently, Macs were much more expensive than a comparable PC. They had much less choice in what would run on them... which in turn led to their greater stability.
My wife wants an Apple laptop (whatever they're calling the new ones with Intel chips), and she'll probably get one.
We have 8 PCs between home and shop (because I wanted compatiblity with the office ). Actually, in my previous life, I wrote a lot of VBA code at home, and the security layer at work didn't support anything other than Windows.
Apple hit a home run by switching to Intel. MS should worry.
posted on February 3, 2006 07:32:58 PMagitprop, don't you just hate that the Pee-See users get to have all the virus fun?
In a word, NO.
Several of the companies and TLAs I consulted for had security restrictions in place so (thankfully) never a Windows PC to be seen... no virii or spam on their networks either. No bringing outside PCs, software or media (floppies, CD/DVDs, phone handsets, etc) into or out of the office. As a great thinker once said, "Keep it as simple as possible, but nothing simplier."
posted on February 3, 2006 07:43:03 PM
cashinyourcloset wrote, My wife wants an Apple laptop (whatever they're calling the new ones with Intel chips), and she'll probably get one.
Wait. Apple always has teething problems with new platforms or architectures. I'd strongly advise waiting until the 2G or 3G versions are out next year, and the software has had a chance to play catch up. There are some interesting things in Apple's pipeline if all I heard is true...
posted on February 3, 2006 09:19:22 PM
Early adopters always end up doing bug testing, no matter the company or OS. I'd suggesting waiting about 6 months too, but the mac OS has been running on intel chips since OS X came out 5+ years ago. This change has been well proofed inside Apple, much more so than usual.Apple has played it's cards right this time. The software ports are going to be easy too, and most major programs will already run without issues. This changeover is going to be pretty easy, I'll bet, and no, the cheapskates aren't going to see Apple selling boxed versions of it's OS for them to install on their Dells. They're still a hardware company, and the synergy between the OS, the hardware, and the Apple designed built for Mac programs are what really makes a Mac a Mac, not the processor.
____________________________________________
posted on February 3, 2006 09:23:35 PM
Forgot to mention, the complete, utter lack of virii, worms, adware, spyware, malware and popups is just frosting on the cake.
____________________________________________
posted on February 4, 2006 09:31:46 AM
well....that virus was a big to do about
NOTHING.Can you say PANIC?? It seems the more attention these virus's get,the least damage they do.
"Maybe you all know this already? Our server-guru told me today that he was up all night getting his systems ready for a big virus due tonight or tomorrow--one that will wipe out all data. I've updated my virus definitions with Norton and am doing a backup of everything. Just thought some of you would want to know"
guess your server-guru aint too swift-I did absolutely nothing and guess what?? Nothing happened.This is like "the boy that cried wolf"
or how about yelling "fire" in a movie theater.
