Original URL: http://www.theregister.co.uk/2006/01/19/kama_sutra_worm/

Kama Sutra worm ties security in knots

Backdoor code

By John Leyden

Posted in Security, 19th January 2006 09:09 GMT

A worm claiming to offer pictures from the Kama Sutra has begun circulating by email in the latest attempt by virus writers to infect Windows machines by relying on a combination of user stupidity and supposedly salacious content.

The Nyxem-D worm (AKA Blackmal-E) arrives as the infectious payload of email messages with spoofed sender addresses claiming to offer obscene pictures or pornographic movie clips. Subject lines used in the malicious emails include: The Best Videoclip Ever, Fw: SeX.mpg, Miss Lebanon 2006 and Fuckin Kama Sutra pics. The worm only affects Windows PCs.

If activated, Nyxem-D tries to disable security software. It also tries to harvest email addresses from infected PCs in a routine designed to draw up a hit list of targets for infection. Nyxem-D is programmed to download updates of its code onto infected PCs.

Standard defensive precautions against viral attacks apply in defending against Nyxem-D. Users are urged to patch systems up to date and update anti-virus signature definition files. Resisting the temptation to open unsolicited email attachments is also a good idea, of course. ®