View Full Version : W32/Nyxem-D..detected ?
pykko
January 25th, 2006, 03:59 PM
I've found these days about a dangerous worm spreading very fast on the internet. W32/Nyxem-D
Its main actions are:
Turns off anti-virus applications
Sends itself to email addresses found on the infected computer
Deletes files off the computer
Forges the sender's email address
Uses its own emailing engine
Downloads code from the internet
Reduces system security
Installs itself in the Registry
Aliases: Email-Worm.Win32.VB.bi, CME-24, WORM_GREW.A, Win32.Blackmal.E@mm, W32/Tearec.A.worm, Email-Worm.Win32.Nyxem.e
W32/MyWife.d@MM
I tried to find it on NOD32 signatures update, but no luck. Does anyone know if it's actually detected?
Happy Bytes
January 25th, 2006, 04:03 PM
Win32/VB.NEI
pykko
January 25th, 2006, 04:07 PM
Thank you Happy Bytes! 2 Fast, 2 furious as usual! ;D
i_kenefick
January 25th, 2006, 05:21 PM
Mike - any new on ESET joining in on the CME?::)
FYI OP: http://cme.mitre.org/data/list.html#24 contains information relating to aliases for this worm.
Firecat
January 25th, 2006, 05:21 PM
{QUOTE-> Thank you Happy Bytes! 2 Fast, 2 furious as usual! ;D <-QUOTE}
Double the gun, Double the fun! ;)
*where Happy Bytes = Special gun meant for nailing malware down
flyrfan111
January 25th, 2006, 07:11 PM
{QUOTE-> Mike - any new on ESET joining in on the CME?::)
FYI OP: http://cme.mitre.org/data/list.html#24 contains information relating to aliases for this worm. <-QUOTE}
Yes I would be interested in an answer to this as well. Something needs to be done, malware naming is getting way out of hand. Just that particular worm, is called the Black worm, blackmal, Nyxem, VB.NEI to name a few, how are we supposed to keep track.
Firecat
January 26th, 2006, 09:22 AM
{QUOTE-> Yes I would be interested in an answer to this as well. Something needs to be done, malware naming is getting way out of hand. Just that particular worm, is called the Black worm, blackmal, Nyxem, VB.NEI to name a few, how are we supposed to keep track. <-QUOTE}
Vgrep helps when we are confused about malware names, at least to some extent :D
i_kenefick
January 26th, 2006, 11:27 AM
{QUOTE-> Vgrep helps when we are confused about malware names, at least to some extent :D <-QUOTE}
It's not a practical solution for Joe Soap. This is the problem with project vgrep.
flyrfan111
January 26th, 2006, 07:23 PM
{QUOTE-> Vgrep helps when we are confused about malware names, at least to some extent :D <-QUOTE}
By the time VGrep has information the threat is usually long past, CME or some similar idea would be a much better solution.
vBulletin® Copyright ©2000-2009, Jelsoft Enterprises Ltd.