Microsoft is preparing users for the arrival of the Blackworm, a
mass mailing malware variant expected to infiltrate and slam
personal computers this Friday.
The software vendor, which calls the socially inclined
worm said the worm tries to lure users to open an attached file
in an e-mail message.
But if the recipient opens the file, the malware sends itself to
all the contacts in the computer's e-mail client address book.
The malware also attempts to scan the network looking for systems
it can connect to and infect. If it fails to connect to one of these
systems, logs on with "Administrator" as the user name together with
a blank password, Microsoft said in a security advisory this week.
Blackworm, also known as Blackmal, Nyxem, MyWife, Tearec and
KamaSutra, places a malicious zip file icon somewhere on the system.
The malware is designed to wreck a number of common document
format files on the third day of every month.
Feb. 3, 2006, is the first time this malware is expected to
corrupt the content of specific document format files, including all
.doc (Microsoft Word), .xls (Microsoft Excel), .ppt/.pps (Microsoft
PowerPoint) and .pdf files, among others.
What makes the Blackworm so vexing to security experts is that
the malware also modifies or deletes files and registry keys
associated with certain computer security applications, stopping
them before they can counter the Blackworm.
Microsoft said customers infected with the Mywife malware should
contact their antivirus vendor.
Customers may also visit the Windows Live Safety Center Web site
to procure a scan to ensure their systems are free of infection.
Microsoft also noted the Windows OneCare Live Beta detects and
protects computers from the Blackworm and its variants.