Network World - The Nyxem worm, also known by the names Kama Sutra, MyWife and Blackdoom, was set to activate a dangerous payload Feb. 3 that would wipe out files held in infected desktop computers. However, as the day moves forward hour by hour across the globe, security experts say they see few signs yet of widespread Nyxem damage.
“So far, we haven’t received any Nyxem damage reports,” writes Mikko Hypponen, manager of anti-virus research at F-Secure, in his Weblog. F-Secure has been tracking Nyxem infections over the past few weeks. According to Hypponen, “The vast majority of the machines infected by Nyxem are home computers.”
According to Hypponen, this may indicate that “the full scope of the problem won’t come to light until the weekend or early next week” when home-computer users find out their files have been overwritten by the Nyxem worm.
Marc Solomon, director of product management at McAfee - which calls the Feb. 3-activating virus the MyWife worm - also said there were no indications of widespread destruction at this point.
F-Secure and McAfee see the most frequent worm infections in India. McAfee said Peru is somewhat of a hot spot relative to the lack of activity seen elsewhere. He speculated this may be because computer users in these countries don’t use anti-virus software as frequently as those in other countries.
Anti-virus firms, which have known about the Nyxem worm for two months, have provided anti-virus updates that protect against Nyxem. There are an estimated 300,000 infections of Nyxem in computers worldwide, with a possible 100,000 in the U.S.
Anti-virus software vendors Sophos and Symantec also say they see no signs at all of Nyxem infections activating a payload to wipe out files in infected computers.
“Globally, we have a grand total of zero reports of damage,” says Graham Cluley, senior technology consultant at Sophos. Sophos provides security software to enterprise customers, not consumers, so its analysis doesn’t reflect what might occur to home PC users.
Cluley acknowledges that certain quarters of the anti-virus industry had anticipated widespread destruction from Nyxem, so “everyone’s looking a little sheepish.” The widespread attention to Nyxem from the media led to warnings about Nyxem from CNN and ABC News, among others, but so far Nyxem has not brought about the kind of damage that had been anticipated.
Most anti-virus software providers have not been alarmist about Nyxem because their anti-virus products had been updated for several weeks to protect against the virus.
The Russian stock exchange shut down for about an hour Thursday, purportedly because of a virus outbreak. The Russian exchange has resumed today. So far, there’s no information to indicate the Nyxem virus played any role.
About the Nyxem worm, Cluley said the security industry had been aware for a few weeks of a Web site (which he declined to specify) that the worm, once it had infected a machine, would contact as a way to call home and report it had infected a computer.
Rss Feed
The Connected Enterprise
You are previewing premium content. 
