A computer worm is expected to damage computer system starting midnight February 3, 2006. India, Peru, Italy, and Turkey are the most vulnerable to this worm, according to metrics on the spread of the worm in specific countries.


A computer worm is expected to damage computer system starting midnight February 3, 2006. India, Peru, Italy, and Turkey are the most vulnerable to this worm, according to metrics on the spread of the worm in specific countries.

“Expected damage: Kama Sutra contains a dangerous payload. On the third day of the month all files with the extensions DOC, XLS, MDE, MDB, PPT, PPS, RAR, PDF, PSD, DMP, and ZIP will be overwritten with an error message “DATA Error [47 0F 94 93 F4 K5].” These files–which include the default file formats for Microsoft Office and Adobe Acrobat applications–cannot be restored once they are damaged”. [source]

The worm has been given different names including Kamasutra, CME-24 (US-CERT), MyWife (McAfee), Tearec (Panda), Nyxem (Sophos), Blackmal (Symantec, Computer Associates, Vet), and GREW (Trend).

“We made a few additional tests with the worm in our test network environment. When the payload is activated, the worm enumerates all logical drives and damages files on them in a loop. So it should damage files on all drives that have a drive letter, including network drives. That’s the theory. In practice, however, the worm failed to do so on network drives, at least in our test environment. Files on local and removable drives (including USB memory) were damaged by the payload”. [source]

For tips on prevention and cure click here.

 

 

 

 

Sharing is caring