Slashdot Mirror

← Back to Stories (view on slashdot.org)

Kama Sutra Worm Could Make For A Bad Friday

Posted by Zonk on from the batten-the-hatches-tie-down-the-sails dept.

mikey1134 writes "CNN is running a story about the Kama Sutra worm, a virus that is coded to overwrite files of the (potentially thousands of) infected computers. They provide some background on this viral outbreak and warn users to protect themselves" From the article: "And even for home computer users who have never taken such precautions before, security experts say now would be a good time to back up your most important data, like financial information and family photographs, to CDs, DVDs, zip drives, or an external hard drive that you know is worm and virus free. Unlike a lot of malware that exploits vulnerabilities in the Windows operating system, there is no 'patch' that can be downloaded to ward off Kama Sutra."

5 of 317 comments (clear)

  1. Searches Network Shares by ObsessiveMathsFreak · · Score: 3, Interesting

    This one will be more damaging than people think.

    A lot of SMEs uses unsecured and passwordless network shares for sharing company data. Data that is stored in, you guessed it, *.doc *.xls, etc, etc files. This virus looks for shared drives such as this and will corrupt the files on them tomorrow.

    If only one PC in the company is effected, I can see a whole lot of sore heads tomorrow at lunchtime.

    I guess I should have paid more attention to this one.

    --
    May the Maths Be with you!
  2. Re:But but but we want a patch!!! by plover · · Score: 2, Interesting
    Actually, this virus might BE the "patch" for stupidity.

    "Hey, what happened to all my documents?"

    "You opened a pr0n attachment in your email, you just got what you deserved."

    "Boy, I'll never do that again!"

    So, if these idiots are capable of any learning at all, this might work out to be a good learning experience for them. And if they're not, well, hey -- it's not my problem they're stupid.

    --
    John
  3. Re:Many Aliases and More Info by xeoron · · Score: 3, Interesting

    I would think one of the best solutions (along with backing things up) is to turn the system clock back a few days, until a proven removal tool can be used.

  4. Re:Oh leave off it by sootman · · Score: 2, Interesting

    "Don't run random programs that some with e-mails. If you use Outlook Express, it'll even tell you not to (twice)."

    Super. That will take care of it. </sarcasm>

    I use OWA and this is next to every single attachment: "Attachments may contain viruses that are harmful to your computer." Gee, thanks. When users see that next to every single word doc, PDF, and JPEG they get on a daily basis, they start ignoring it. If everything is a threat, nothing is a threat.

    --
    Dear Slashdot: next time you want to mess with the site, add a rich-text editor for comments.
  5. Re:The OS is working as intended -- vulnerably by drsmithy · · Score: 2, Interesting
    But appliations in emails should not be able to hide the fact that they are applications.

    They can't. When you try and open attachments you get a dialog that tells you it's a bad idea and the default response set to "Don't Open". Applications should not be able to edit the registry without warning the user.

    How is the OS supposed to tell the difference between a legitimate registry change and a malicious one ?

    Users should not need to run as Administrator to make their computers work properly.

    I agree. Blame the people who are writing software that does, it's their fault.

    The registry is itself pretty sucktastic as far as security design goes.

    Bollocks. The Registry has per-user ACLs on each key. It's got a better "security model" than most OSes.