Press Releases

Browse our press release archive

18 Jan 2006

Obscene Kama Sutra worm spreads via email

Data destroying payload set to trigger on 3 February

Photographs
The Nyxem-D worm can pose as pictures of the Kama Sutra.

Experts at SophosLabs™, Sophos's global network of virus, spyware and spam analysis centers, have warned users to be wary of unsolicited emails claiming to contain obscene pictures and sex movies.

The W32/Nyxem-D worm (also known as Email-Worm.Win32.VB.bi, Blackworm, or W32.Blackmal.E@mm) can spread via email using a variety of pornographic disguises, in an attempt to disable security software. If launched it tries to disable a number of anti-virus and firewall products, and attempts to harvest other email addresses from the infected computer, in an effort to spread itself further.

Subject lines used in the malicious emails include the following:

*Hot Movie*
Arab sex DSC-00465.jpg
Fuckin Kama Sutra pics
Fw: SeX.mpg
Fwd: Crazy illegal Sex!
give me a kiss
Miss Lebanon 2006
Part 1 of 6 Video clipe
School girl fantasies gone bad
The Best Videoclip Ever

"Companies should educate their users to practise safe computing - that includes never opening unsolicited email attachments and discouraging the sending and receiving of joke files, pornography and funny photographs and screensavers," said Graham Cluley, senior technology consultant for Sophos. "This worm feeds on people's willingness to receive salacious content on their desktop computer, but they could be putting their entire company's data at risk."

The W32/Nyxem-D worm has a destructive payload, which triggers on the third day of any month, destroying DOC, XLS, MDB, MDE, PPT, PPS, ZIP, RAR, PDF, PSD and DMP files by replacing their contents with the string:

DATA Error [47 0F 94 93 F4 K5]

The Nyxem worm overwrites files with a bogus error message

Sophos automatically updated customers with protection against the W32/Nyxem-D Windows worm, which does not infect Macintosh computers, at 16:03 GMT on 16 January 2006.

Sophos recommends companies protect their email with a consolidated solution to thwart the virus and spam threats as well as secure their desktop and servers with automatically updated anti-virus protection.

About Sophos

More than 100 million users in 150 countries rely on Sophos as the best protection against complex threats and data loss. Sophos is committed to providing complete security solutions that are simple to deploy, manage, and use and that deliver the industry's lowest total cost of ownership. Sophos offers award-winning encryption, endpoint security, web, email, mobile and network security solutions backed by SophosLabs - a global network of threat intelligence centers.

Sophos is headquartered in Boston, US and Oxford, UK. More information is available at www.sophos.com.