shells
01-26-2006, 16:12 PM
Hey everybody...this message was sent to all users at my workplace today. FYI!
PLEASE READ THIS MESSAGE IN ITS ENTIRITY
Be advised that a new mass-mailing worm ha been developed – it is named NYXEM (CME-24). This worm relies on social engineering to spread, i.e., specifically, the user must click on a link or open an attachment
The NYXEM worm targets Windows Systems that hide file extensions for known file types. The worm’s icon makes it appear to be a WINZIP file. Opening an infected file or following an infected link will start the worm and may result in any, or all, of the following: e-mail addresses may be harvested
the worm may use its own SMTP engine to send itself to the harvested e-mail addresses
the worm may disable anti-virus and file sharing programs
the worm may spread itself among network shares
the worm may modify the desktop
In addition, this worm is written so that on FEBRUARY 3, 2006it will be able to corrupt files, making them unusable by overwriting them with a small text message. Files with the following extensions are targeted on this date: DOC, PPT, XLS, MDB, MDE, PPS, ZIP, RAR, PDF, PSD and DM.
USERS ARE ADVISED NOT TO FOLLOW UNKNOWN LINKS EVEN IF SENT BY A KNOWN AND TRUSTED SOURCE
PLEASE READ THIS MESSAGE IN ITS ENTIRITY
Be advised that a new mass-mailing worm ha been developed – it is named NYXEM (CME-24). This worm relies on social engineering to spread, i.e., specifically, the user must click on a link or open an attachment
The NYXEM worm targets Windows Systems that hide file extensions for known file types. The worm’s icon makes it appear to be a WINZIP file. Opening an infected file or following an infected link will start the worm and may result in any, or all, of the following: e-mail addresses may be harvested
the worm may use its own SMTP engine to send itself to the harvested e-mail addresses
the worm may disable anti-virus and file sharing programs
the worm may spread itself among network shares
the worm may modify the desktop
In addition, this worm is written so that on FEBRUARY 3, 2006it will be able to corrupt files, making them unusable by overwriting them with a small text message. Files with the following extensions are targeted on this date: DOC, PPT, XLS, MDB, MDE, PPS, ZIP, RAR, PDF, PSD and DM.
USERS ARE ADVISED NOT TO FOLLOW UNKNOWN LINKS EVEN IF SENT BY A KNOWN AND TRUSTED SOURCE