Wirelezz
Premium
join:2001-12-31
| Blackworm Warning !!
My ISP just sent this warning via email, anyone heard of this?
A real nasty, this one:
=======================
There is considerable concern about the virus known as Blackworm:
»isc.sans.org/blackworm
This worm is set to trigger itself on the 3rd of Feb. and will destroy data on infected computers.
We urge all customers running on the Windows platform to double-check your anti-virus definitions to ensure they are up to date.
-------------------------------------
Rockynet Client Notification List
-------------------------------------
From Sans.org:
"Over the last week, "Blackworm" infected about 300,000 systems based on analysis of logs from the counter web site used by the worm to track itself. This worm is different and more serious than other worms for a number of reasons. In particular, it will overwrite a user's files on February 3rd." |
|
CalamityJane
Premium,VIP,MVM
join:2002-08-27
Eustis, FL
| reply to Wirelezz
Re: Blackworm Warning !!
said by Wirelezz  :My ISP just sent this warning Well, good for them! Yes, it's a real nasty. Urging folks to update their Antivirus is a real good idea. Of course if the AV is expired, then that sure won't help. Wish they had put some online scanners in that message, or some of the stand-alone removal tools. There are a number of them out there already.
--
It takes a disaster to make a woman out of a female
Microsoft MVP/Windows Security 2003-2006
Proud Member of ASAP (Alliance of Security Analysis Professionals) |
|
jack b
Gone Fishing
Premium,MVM
join:2000-09-08
Cape Cod
clubs:
 ·Comcast
4 edits | reply to Wirelezz
[edit]
silly remark removed
[/edit]
Thanks for the heads up to update virus signatures.;)
.::d:
--
~Help find a cure for Cancer~
~Proud Member of Team Discovery ~ |
|
CalamityJane
Premium,VIP,MVM
join:2002-08-27
Eustis, FL
2 edits | Hey, it's the real deal jack b. On Feb 3rd it will begin to destroy data on infected PCs. Did you read the article at SANS?
»isc.sans.org/diary.php?storyid=1067
Also this worm disables certain AVs, so I think an online scan just to be sure would be wise.
»Security »What are some web based virus scanners and encyclopedias?
Edit: to add link to online AV scanners
--
It takes a disaster to make a woman out of a female
Microsoft MVP/Windows Security 2003-2006
Proud Member of ASAP (Alliance of Security Analysis Professionals) |
|
Wirelezz
Premium
join:2001-12-31
| reply to Wirelezz
Re: Blackworm Warning !!
Well, sarcasm aside the question remains unanswered: Has anyone heard of Blackworm?
Rockynet is a Tier 2 ISP providing our local wireless internet with 5 T1 lines, they don't deal with the end user. This warning was sent to our WISP's tech support, not to the end users. In over 3 years of their service to us they have never sent a warning such as this, so that's why I came here hopefully to get some verification.
I guess maybe I came to the wrong place? |
|
norwegian
Premium
join:2005-02-15
Outback | reply to Wirelezz
It obviously has a few different names then, would't it be great if every company kept the same name
»Nyxem.E worm... |
|
CalamityJane
Premium,VIP,MVM
join:2002-08-27
Eustis, FL
2 edits | reply to Anon
said by MagMan :But my question is!! was this not already discussed in a thread here already.So why is this new.:) It's new to this poster. This user is asking because he got a notice from his ISP and he has not heard of it. I don't think that is reason to make him think it is hoax, because it's not.
Yes, we have Wirelezz, it is called many different names. Microsoft has a good writeup on it here;
»www.microsoft.com/security/encyc···ife.E@mm
And they have added detection and removal to their free beta of Windows OneCare
»www.windowsonecare.com/
Edit: Typo
--
It takes a disaster to make a woman out of a female
Microsoft MVP/Windows Security 2003-2006
Proud Member of ASAP (Alliance of Security Analysis Professionals) |
|
jack b
Gone Fishing
Premium,MVM
join:2000-09-08
Cape Cod
clubs: | reply to Wirelezz
Apologies for the misplaced sarcasm. |
|
La Luna
Surviving Ashraful
Premium
join:2001-07-12
Warwick, NY
clubs:
·Optimum Online
 ·Vonage
| reply to Anon
Re: Blackworm Warning !!
said by MagMan :But my question is!! was this not already discussed in a thread here already.So why is this new.:) Obviously it's "new" to the OP....you should have provided links or at least given more info rather than the impression that it was a hoax, which is what you did (even if unintended).
--
~~~...and I miss you, like the deserts miss the rain...~~~ |
|
ltship
join:2002-08-11
Sturgeon Bay, WI | Re: Blackworm Warning !!
this was reported earlier this week.. aka Kama Sutra virus.. and as CJ said.. it's a very nasty one. Most AV vendors have been prepairing for this one.. so heed her advice.. she is one of the best! |
|
Marilla
I Am My Own Arbiter
Premium
join:2002-12-06
Belpre, OH
| reply to Wirelezz
This reminds me, and is probably off-topic; but does someone recall the name of the effort that was moving forward to help standardize naming of malware? The various names of this one keep confusing me lately, in particular 
--
I am the sole arbiter of what is important enough to spend my time on - not anyone else here, or anywhere else. You take care of yourself, and leave me to me, got it? |
|
Cudni
La Merma - Vigilado
Premium,MVM
join:2003-12-20
Someshire
| this?
»cme.mitre.org/about/faqs.html
"...
The Common Malware Enumeration (CME) initiative aims to provide single, common identifiers to new virus threats (i.e., malware) for the benefit of the public. ..."
Cudni
--
Some are born to failure, others achieve it, all deserve it Help yourself so God can help you |
|
Marilla
I Am My Own Arbiter
Premium
join:2002-12-06
Belpre, OH | Thank you! *bookmarking it* |
|
