Security companies have recently issued warnings about a new computer worm that is rapidly spreading across the Internet. Although it only began appearing online on Tuesday (January 17), by the following day, this new strain of computer worm had quickly climbed to the number three position on the global malware rankings of security firms.
This new worm – named VB.bi by F-Secure, Blackmal.e by Symantec, and MyWife.d by McAfee – is essentially a very simple Visual Basic (VB) code structure, according to F-Secure. The worm spreads through traditional means, being attached to emails. However, this new worm also has an alternative spreading method via shared directories.
Once it infects a user’s computer, the worm attempts to disable a range of security applications, including those from Symantec, McAfee, Trend Micro, and Kaspersky Labs.
The Internet Storm Center (ISC) noted that one of the notable features of this new worm is its ability to exist as an executable file or as a MIME file containing another executable file.
This represents a new and extremely dangerous form of spreading, utilizing the MIME format, which is rarely used by malicious attackers to disseminate viruses. The most recent example of such a method was the Nimda virus, which employed this technique to launch attacks in 2001.
Blackmal.e/VB.bi/MyWife.d has swiftly risen to the number three spot on F-Secure’s list of the most dangerous viruses. This worm currently accounts for over 11% of all virus infection reports sent to F-Secure within just 24 hours. The Mytob virus has likely not achieved this record.
Symantec has classified the danger level of this virus as 2 out of 5 on their threat scale and has officially provided a free removal tool for this virus on their website. You can download this free tool here.