A fast-spreading e-mail worm is raising alarms because its sole purpose is to obliterate the everyday working documents widely used by consumers, students and businesses.
The Kama Sutra worm - also referred to as Nyxem.E and Grew.A - is unnerving because, unlike other e-mail worms, it appears to be detached from any profit motive.
It is designed to destroy all Microsoft Word, Excel, Access and PowerPoint documents and Adobe Acrobat and Photoshop files on all hard drives connected to an infected PC.
"The amazing part is that there appears to be a lack of any motive behind this except destruction," says David Mayer, researcher at e-mail security firm IronPort Systems.
The worm appears in e-mail in-boxes with subject lines such as "hot movie," "A Great Video" or "Crazy illegal Sex!" enticing the recipient to click on an attachment. One variation makes reference to the ancient Sanskrit book on sexual positions.
By clicking on the attachment, the victim launches a program that disables anti-virus protection. The infected PC then begins to send copies of similarly tainted e-mail to every e-mail address on the victim's hard drive.
But while most e-mail worms also plant a back door to give an intruder control of the PC, or a program to steal log-ons and passwords, this worm's sole purpose is destruction. It implants a program to erase common work files on the third day of the month, hitting even external data-storage devices connected to the infected PC.
IDefense, a VeriSign company, confirmed the deletion program works. More than 500,000 PCs are believed to have been infected since it first appeared on Jan. 16. That's a modest infection rate, but victims face grim consequences. On Friday - Feb. 3 - any infected machines will lose all Microsoft documents and Adobe files.
Comments