Blogs » Digital Babble » Tech Thursday

Subscribe


 
Tech Thursday
By cjcastillo in Digital Babble
February 2, 2006

I’m going to skip today’s "Ten for Thursday" and do a post on technology instead. Don’t cry, I’ll do a special edition “Five for Friday” tomorrow all about me. Bet you can’t wait.


File destroying worm set make impact tomorrow

This worm targets computers with the Windows operating system and spreads by copying itself to shared network locations and then sending itself to e-mail addresses found on afflicted computers.

This means that many of you may see this in your inbox and the e-mail may appear to come from someone you know. Please be very careful about opening e-mail attachments!


From Techweb.com

Sometime on Friday computers already infected with the Kama Sutra worm will start writing over important documents, rendering them useless and potentially causing catastrophic damage to consumers and businesses.

What is this worm called?
Good question. According to some lists, the worm has more than two dozen monikers. The most popular, though, are Kama Sutra, Blackworm, Blackmal, MyWife, and Nyxem. It's also been dubbed CME-24 by the Common Malware Enumeration database, which is supposed to provide one name for malicious code.

What will the worm do?
On Friday, the worm will write the text string "DATA Error [47 0F 94 93 F4 F5]" over all data in files with file formats from Microsoft Office (.doc, .xls, .mdb, .mde, .ppt, .pps) and Adobe (.pdf, .psd), as well as popular compression formats (.zip, .rar) and memory dumps (.dmp). The worm will seek out these files on all connected drives, including mounted network drives, USB-based flash drives, and external drives.

It also disables many popular security programs — those from Computer Associates, Kaspersky, McAfee, Panda, Symantec, and Trend Micro — so that users won't be able to sniff it out once it's planted on the PC.

When does it start destroying files?
According to the security firms which pulled apart the worm's code, it will overwrite files on the third of each month, local time. Friday, Feb. 3, is the first such trigger. The worm will activate by looking at the PC's clock — not, as have other worms, by synchronizing with time servers — which is why there have been scattered reports of damage already. Helsinki-based F-Secure, for instance, has said it has received reports from users — with incorrectly-set PC clocks — who have had files overwritten.

What can users do to protect themselves?
Most security organizations have made the standard recommendation — use anti-virus software and keep its definitions up-to-date — from the beginning. Other advice doled out by Microsoft in a security advisory this week included the also-usual items of not opening e-mail attachments (that's how the worm is packaged and distributed) and running Windows in User, not Administrator, mode.


IT Humor

Now it is time to lighten up the mood with a little tech humor.

Next on my list is a new show from the UK about the trials and tribulations of an IT group.

IT Crowd

The show is entitled “The IT Crowd” and is featured on Channel 4. For those of us in the States who don’t have this channel, just go to the show’s website where you can view the first two episodes online.

Channel4.com - IT Crowd page

From what I've seen so far the show is very funny. If it is successful I wonder how long until they do a remake over here.

Image hosting by Photobucket


And last but not least, see what happens when one of the writers of Late Night with Conan O’Brien decides to take matters into his own hands after dealing with the tech support in India.

Click here to watch the video clip

Or

Go here to download the video from my page.