The virus--dubbed Blackmal.E or Nyxem.E by antivirus companies and designated as CME 24 under the Common Malware Enumeration standard--has spread to as many as 600,000 computers, with the three most infected nations--the United States, India and Peru--making up more than half of all compromises. The virus first emerged on January 16th and has been racking up victims ever since.
The virus is programmed to start deleting eleven different types of files on the third of each month, starting with Friday, February 3. The files will be deleted from a computer's local hard drive as well as network-attached storage. Since nowadays most companies encourage saving information on the network, the virus may cause more destruction that we think. The virus is the most destructive program to hit the Internet recently. Some unlucky users have already fallen victim to Nyxem-E because the clock on their machine is set to the wrong time.
Computers that remain infected on February 3 will have eleven types of data deleted from the hard drive, including any Word, Excel, PowerPoint or PDF documents. The seriousness of the virus's impact is still unknown, however. The virus only affects Windows users who must open an infected attachment on an e-mail message to fall victim. This goes back to user training and knowledge of viruses and not opening unknown emails.
LURHQ's Stewart said: "We have been preaching to people for years against running your network that way--with everyone logged in as administrator and everything opened up on the inside," he said. "That's the sort of configuration that gets hit really hard by this."
Despite the uproar over Nyxem-E, Microsoft said it was not planning to update its malicious software removal tools before the date that the virus is set to strike.
NYXEM FILE TARGETS
- DMP - Oracle files
- DOC - Word document
- MDB - Microsoft Access
- MDE - Microsoft Access/Office
- PDF - Adobe Acrobat
- PPS - PowerPoint slideshow
- PPT - PowerPoint
- PSD - Photoshop
- RAR - Compressed archive
- XLS - Excel spreadsheet
- ZIP - Compressed file
This is a big wake up call for companies. We must find our vulnerabilities and internally secure ourselves in order to stay safe from viruses like this one.
Reference:
Blackmal virus set to delete files
Computer threat from Nyxem virus