Nick Verhaar
A new worm Nyxem-E, has infected a reported 300,000 machines since its initial release on 16 January.
Affecting virtually all versions of Microsoft Windows, the new Nyxem worm deletes crucial files from Microsoft Office and Adobe software suites, along with several other software packages.
File deletion begins on 3 February and the virus will continue repeating this destructive process on the 3rd of every month until the system has been cleansed of the virus.
The Nyxem virus also attempts to disable antivirus software to prevent itself becoming detected and disinfected by future antivirus updates. Some variants have been reported to disable mouse and keyboard interaction on infected machines. Delivered primarily via email, the subject line and body text featured in Nyxem infected emails is randomly selected from a pool of various different messages, all of which promise videos and images of pornographic nature in the form of attached files. Infection of the Nyxem worm begins upon execution of the attached files, and will then proceed to scan all local hard disks in an attempt to harvest potential victims’ email accounts. It is becoming increasingly difficult to block these messages as they’re being sent from so many different hosts.
If you suspect you or a friend may already be infected with the Nyxem worm, update antivirus definitions or run an online virus scanner such as Trend Micro’s HouseCall, which is freely available for use at http://housecall.trendmicro.com. You should also make it a habit to regularly run the Windows Update service to ensure your system is up to date with security and bug fixes.