Blackworm Virus 27 replies

Please wait...

LS?Master

Pro-Filer thinks I'm cool!!

50 XP

2nd November 2005

0 Uploads

428 Posts

0 Threads

#1 13 years ago

This is not to advertise for ZoneAlarm, it is just who I use and the company sent me this email. I figured I would share it. (I removed every link so do not request is, thus that would entitle to advertising.)

Severity: [COLOR="Red"]High Risk[/COLOR] BlackWorm is a new and potentially destructive Internet worm currently making its way around the globe. It is infecting users via e-mail and is scheduled to destroy all Microsoft Word, Excel, PowerPoint, PDF, PSD and ZIP files on Feb. 3.

Rumor or truth? Will you protect your self?




Inyri Forge VIP Member

[Insert User Title Here]

55 XP

15th March 2005

0 Uploads

25,940 Posts

0 Threads

#2 13 years ago

I think I'm just going to unplug my model on the third :lol: . I did just download some anti-virus software today as a slight precaution. You never know how reliable free software is, but something's got to be better than nothing. Unless your something is Norton...




Dr.Fritz

Promiscuous Girl

50 XP

6th July 2005

0 Uploads

5,842 Posts

0 Threads

#3 13 years ago

Well that sucks. At least I have a very tight security program.




maester

TeamFX Webmaster

50 XP

20th October 2004

0 Uploads

85 Posts

0 Threads

#4 13 years ago

This was the email I got I removed all links

Overview: BlackWorm is an email worm that uses its own SMTP engine to spread through e-mail and open network shares. Blackworm is also known as BlackWorm/Nyxem/Blackmal/Blueworm/Grew. This vulnerability has been classified as "High Risk." Computer users should take appropriate action to be protected against this worm. Date Published: January 25, 2006 Date Last Revised: January 25, 2006 Impact: Using its own SMTP engine, BlackWorm spreads using different subjects, email bodies and attachments. The attachments sent by the worm may contain the following extensions: pif, scr, mim, uue, hqx, bhx, b64, and uu. On February 3rd, computers that are infected with BlackWorm will have the following file types overwritten by the worm: DOC, XLS, MDE, MDB, PPT, PPS, RAR, PDF, PSD, DMP, ZIP. The files are overwritten with an error message ('DATA Error [47 0F 94 93 F4 K5]'). Platforms Affected: Windows 2000 Windows 95 Windows 98 Windows Me Windows NT Windows Server 2003 Windows XP Zone Labs Products: To ensure the most comprehensive protection, computer users should employ ZoneAlarm® Security Suite, or ZoneAlarm Pro. Zone Labs products are not vulnerable to this attack. All Zone Labs security products, including ZoneAlarm, protect the user's system from unauthorized access and intrusions, and alert the user when malicious code attempts to access the network. Recommended Actions: Check Point Integrity®: Check Point Integrity protects your system against this vulnerability through the following available services: Advanced Cooperative Enforcement Use Advanced Cooperative Enforcement to enforce policy upon remote endpoints. Anti-Virus Rules Anti-Virus Rules enforce version of AV engines and definition files. Integrity Administrators should download the latest engine(s) and definition file(s). Classic Firewall Rules It is recommended that you ensure: • Only trusted hosts are in the ‘Trusted’ Zone. E-Mail Protection It is recommended that you block both inbound and outbound *.pif, *.scr, *.mim, *.uue, *.hqx, *.bhx, *.b64, and *.uu emails using E-Mail Protection. SmartDefense Program Advisor SmartDefense Program Advisor automatically blocks malware. It is recommended that you ensure the following: • Internet Zone Security is set to High. • Trusted Zone Security is set to Medium. For more information about activating SmartDefense Program Advisor, please refer to CPSA-2005-10. ZoneAlarm Family: ZoneAlarm Pro and ZoneAlarm Security Suite protect your system against this vulnerability through "Internet Zone Security" and "Trusted Zone Security". It is recommended that you ensure the following:
  • Internet Zone Security is set to High.
  • Trusted Zone Security is set to Medium.
  • Only trusted hosts are in the ‘Trusted' Zone.
  • Block both inbound and outbound *.pif, *.scr, *.mim, *.uue, *.hqx, *.bhx, *.b64, and *.uu emails using E-Mail Protection.
  • Update antivirus products to provide the most up-to-date protection.



KoЯsakoff

Captain

50 XP

7th November 2003

0 Uploads

6,585 Posts

0 Threads

#5 13 years ago
Inyri ForgeI think I'm just going to unplug my model on the third :lol: . I did just download some anti-virus software today as a slight precaution. You never know how reliable free software is, but something's got to be better than nothing. Unless your something is Norton...

I've got Norton.. Never had problems with it. But additional I run other AV software too. You can't be over protected :)




Yannick

A psychedelic experience.

50 XP

16th April 2004

0 Uploads

10,644 Posts

0 Threads

#6 13 years ago

I have 3 firewalls (two are hardware), 3 anti-virus programs, 2 anti-spyware/ad-aware programs, and a cookie-cleaner. Can never be too protected all right :p.




DnC

GF's Cognitive Psychologist

50 XP

14th April 2004

0 Uploads

2,668 Posts

0 Threads

#7 13 years ago

I don't need firewalls, I just have common sense.




SilentHitz

When in doubt...KILL IT!!

50 XP

24th June 2005

0 Uploads

937 Posts

0 Threads

#8 13 years ago
DnCI don't need firewalls, I just have common sense.

Me too, I bought a giant condom to put my laptop in though...just to be protected :D




Martiscus

The Internet ends at GF

50 XP

2nd October 2005

0 Uploads

150 Posts

0 Threads

#9 13 years ago

I'm not going to worry about this Blackworm Virus. :) Signed, Tharquan Longbeard




FileTrekker Über Admin

I'm spending a year dead for tax reasons.

276,635 XP

15th December 2002

372 Uploads

22,755 Posts

1,885 Threads

#10 13 years ago

Lol. This thread is an example of why these things spread.

Everyone who says "Oh I don't need a Firewall and Antivirus - I have common sense" always finds themselves in for a nasty shock when they learn just what they are leaving themselves open to.

Nobody who is connected to the Internet (especialy high-speed) under ANY circumstance should be running without a firewall and Anitvirus. There are several senario's as to why this is dangerous;

  • Not all viruses are files you download or get attached to e-mails. Some just connect directly to your computer's ports, upload and hide themselves. With no Firewall you'll never know or be able to stop this. If you dont have AV software, you could be host to all kinds of silent trojan horses or other malware.
  • If someone else like a brother and sister is on the same network as you, and is careless online and get's infected, that virus can now spread itself to your computer over the LAN, potentially bypassing your router / hardware firewall.
  • If your NOT on a local network (router) or gateway then your in sereous problems because your computer is open and exposed to the internet with no Firewall / AV. Your computer is probably host to a whole wide range of things you really should not have there, and people are probably having a field day with your computer right under your nose.

http://www.avast.com/ http://www.zonealarm.com/

BOTH are free. Windows also has a built in firewall. Please use these, saying "Oh i'm smart nobody will come after me" is really not smart.

Visit https://www.grc.com/x/ne.dll?bh0bkyd2 to remotely probe your computer just to see just how 'exposed' your computer is. All your ports should be STEALTH or else your at risk.

I've got Norton.. Never had problems with it. But additional I run other AV software too.

This is such a BAD idea.

You should NEVER run more than one Antivirus software package on your computer at the same time. As well as causing sereous system resource poblems (that Norton causes enough of) it actualy causes realtime protection conflicts and leaves you potentially LESS protected than with just one well up to date AV. I reccomend NOD32 or Avast over Norton.


Danny King | Community Manager | GameFront.com