Destructive payloads kick-off 2006

Destructive payloads and Trojan charge kick-off 2006
Written by Munir Kotadia, Contributor
With the Kama Sutra worm set to delete files on infected computers this week and Sophos reporting a massive increase in Trojan horses in January, 2006 has not started well for security administrators.

The Kama Sutra worm, which is also known as Mywife, Nyxem.E and Blackworm, will start deleting files on infected computers on Friday and security companies say that early signs suggest no let up in malware (malicious software) volumes throughout the year.

Kim Duffy, ISS Australasia managing director, said there is the potential for massive damage caused by the worm's destructive payload, which is programmed to delete files including Microsoft Word and Excel documents on the first Friday of each month.

"Potentially it will [cause damage] -- it is a question of how well prepared people are. Our research shows that a lot of the antivirus systems are not detecting it so it could mean that it has gotten on board," said Duffy.

Carole Theriault, senior security consultant at Sophos, said the worm has been using old tricks successfully.

"In many ways the Kama Sutra worm is a throwback to the days when sexy subject lines and attachment names were often used to tempt users to open the infected file .... The bad news for those who have been infected by the worm is that they run the risk of having their data wiped by its destructive payload on 3 February," said Theriault in a statement.

Besides the Karma Sutra worm, administrators have been staving off 2,312 new pieces of malware in January alone, according to Sophos.

Topping the charts for January is Sober.z, which caused massive problems towards the end of last year and actually stopped being a threat on 6 January. However, the sheer volume of infections meant the worm still accounted for almost 45 percent of all infections last month.

Editorial standards