AT&T Tech Support 360
January 30, 2006 10:32 AM PST
ISP sends alert to Kama Sutra victims
- Related Stories
-
Kama Sutra worm set to bite next week
January 26, 2006 -
Kama Sutra worm seduces PC users
January 23, 2006 -
Australian ISPs tapped to kill zombies
November 7, 2005 -
ISPs versus the zombies
July 19, 2005 -
Your ISP as Net watchdog
June 16, 2005 -
Feds to fight the zombies
May 23, 2005
When a computer is infected by the worm, which also goes by Nyxem.E and other names, it visits an online Web counter that tallies up how many PCs have been infected. U.K.-based Easynet said it is monitoring traffic to this Web counter and sending a virus alert to every person who visits it.
ISPs have come under criticism for failing to responsibly monitor the data they pipe to home users and to share the responsibility for the ever-growing burden of virus and spam that is falling on businesses and consumers.
"ISPs do the equivalent of pumping out raw sewage into your home. You wouldn't expect to have to filter your own water, so why do home users have to filter their own data?" Paul Wood, a senior analyst at hosted e-mail and Web security company MessageLabs, said in November.
In May, the Federal Trade Commission, in tandem with some counterparts worldwide, said it planned to ask ISPs to help crack down on "zombie" networks of computers that send out spam.
F-Secure applauded Easynet's move in its blog, encouraging other ISPs to get in contact with customers who may be affected by an attack.
"We think it's a good idea that ISPs warn people about viruses in general, and I think it's a great idea that Easynet proactively took this step," F-Secure security expert Patrik Runald said. "Obviously, with 300 or 400 viruses being detected every day, ISPs can't warn their customers about all of them. But in this type of case, it's a really good idea."
The security company encouraged other ISPs to notify any customers whose systems may have been infected by the Kama Sutra worm before Feb. 3, when the virus is due to deliver its payload.
"We thought this was an excellent idea and wanted to promote it! We encourage other ISPs to do the same, as it will help users disinfect their machines before the 3rd of February," F-Secure wrote on its blog.
The payload is programmed to delete all Microsoft Word, Excel and PowerPoint file types, as well as Adobe Systems PDF files, from a compromised PC. The multifaceted malicious software will also attempt to propagate itself, both through e-mail and as a network worm, which can be particularly damaging on closed networks.
"Nyxem is certainly malicious. It can be delivered via e-mail, but also as a network worm. It probes other PCs on a closed network to compromise them and send itself to the other computers, to infect as many hosts as possible," Jason Steer, a technical consultant at security company Ironport, said on Thursday.
The malicious software hides in attachment types not typically blocked by attachment filters.
Companies are unlikely to be directly affected by Kama Sutra if they are running up-to-date antivirus software, Ironport said, because the major antivirus vendors have now released patches. But the company warned on Thursday that businesses could experience secondary effects as the virus tries to propagate itself by harvesting e-mail addresses on an infected machine.
"The knock-on effects will come as compromised PCs try to communicate with businesses. This will cause additional e-mail and network traffic, and possible slow down e-mail response time," Steer said Thursday.
Tom Espiner of ZDNet UK reported from London.
See more CNET content tagged:
Easynet,
Internet Service Provider,
Nyxem,
F-Secure Corp.,
Ironport Systems Inc.
"ISPs do the equivalent of pumping out raw sewage into your home. You wouldn't expect to have to filter your own water, so why do home users have to filter their own data?"
The analogy that should have been used is the telephone network. The phone company provides you, the end user, with a clear phone line that can be used to talk to anyone or anything that also interfaces with that network. Saying ISPs are responsible for the content that users download is ridiculous! That would be like holding the telephone companies responsible for a little old lady that falls victim to a telephone scam. It is the USER'S responsibility to obtain antivirus software, keep it up to date, and use a little common sense when going through their inbox!
As I have said before, ignorance of this "new digital age" is no excuse for not taking the slightest interest in protecting yourself. The information about how to protect yourself against viruses and phishing is out there. All you need to do is a little reading.