The [highlight]Nyxem-E[/highlight] Windows virus first emerged on 16 January and has been steadily racking up victims ever since. Nyxem-E is also known as the Blackmal, MyWife, [highlight]Kama Sutra[/highlight], Grew and CME-24 virus.
Helpfully, the virus reports every fresh infection back to an associated website which displays the total via a counter.
Late last week the counter was reporting millions of infections, but detective work by security firm Lurhq found that many of these reports were bogus.
SAMPLE SUBJECT LINES
Fw: Funny
Fw: Picturs
*Hot Movie*
Fw: SeX.mpg
Re: Sex Video
Miss Lebanon 2006
School girl fantasies gone bad
However, Lurhq reported that more than
300,000 machines are known to have fallen victim to Nyxem-E.
Like many recent viruses, Nyxem tries to spread by making people open attachments on e-mail messages that are infected with the destructive code.
The subject lines and body text of the various messages Nyxem uses vary, but many falsely claim that pornographic videos and pictures are in the attachments.
On infected machines the virus raids address books to find e-mail addresses to send itself to.
The virus also tries to spread by searching for machines on the same local network as any computer it has compromised.
Unlike many recent viruses Nyxem is set to overwrite 11 different types of file on infected machines on the [highlight]third of every month[/highlight]. The list of files to be over-written includes the most widely used sorts of formats.
NYXEM FILE TARGETS
DMP - Oracle files
DOC - Word document
MDB - Microsoft Access
MDE - Microsoft Access/Office
PDF - Adobe Acrobat
PPS - PowerPoint slideshow
PPT - PowerPoint
PSD - Photoshop
RAR - Compressed archive
XLS - Excel spreadsheet
ZIP - Compressed file
Separately, the virus also tries to disable anti-virus software to stop it updating and can also disable the mouse and keyboard on infected machines.
Users were being urged to update anti-virus software and to scan their system to ensure they had not been caught out. Many anti-virus firms have also produced tools that help clean up infected systems.
We'll be right, we all read our email in plain text & never open attachments... do we