Anyone get hit by the Nyxem/Blackmal worm?
Anyone get zapped by this worm today? It was suppose to activate today (Feb 3rd) and overwrite specific files on computers it had infected, which was an estimated 700K machines worldwide. I was wondering if anyone here was hit.
http://isc.sans.org/diary.php?storyid=1067
http://isc.sans.org/diary.php?storyid=1067
Comments
-
RussS
Member Posts: 2,068 ■■■□□□□□□□
Nope - all of my clients are clean as far as we can tell.
I did however have a lot of fun yesterday with CA EZ-Antivirus being deactivated on several clients machines. Apparently the updates CA posted overnight (2nd NZ time) were corrupted and turned off automatic protection. They appear to have recognised this and replaced the definition file however they used the same string number and that did not allow machines to fix themselves by downloading the newer version
The quick fix was to uninstall and reinstall. CA thought that when the next update came out it would automatically solve the issue but I have a problem with leaving my clients defenceless for the time it took for CA to sort the issue.www.supercross.com
FIM website of the year 2007 -
Trailerisf
Member Posts: 455
Nope, but I did make quite a bit of cash working late into the hours on Thursday night verifying all my clients were secure.
I love media hype. Even the computer illiterate were asking to have me come by just to make sure.
Money well spent in their minds for peace of mind.On the road to Cisco. Will I hunt it, or will it hunt me? -
TURTLEGIRL
Member Posts: 361
All clear here, nothing so far.
I also heard of one being activated on the 14 feb. If you don't know 24 then you don't know Jack! -
Chivalry1
Member Posts: 569
All of my clients are clean. I watched for unsuspected activity on all of my work stations. I must agree that the extra hours on Thursday was not bad.
"The recipe for perpetual ignorance is: be satisfied with your opinions and
content with your knowledge. " Elbert Hubbard (1856 - 1915)
