Last weekend, security firm F-Secure issued a warning to users about the spread of a new computer worm known as Nyxem.e, which has the ability to destroy data in several commonly used file formats.
The Finnish-based security company reported that the Nyxem.e worm contains dangerous code that instructs it to replace data in files such as “.DOC, .XML, .MDB, .MDE, .PPT, .PPS, .ZIP, .RAR, .PDF, .PSD, or .DMP” with the string “DATA Error [47 0F 94 93 F4 K5].”
However, this replacement is even more dangerous as it occurs regularly on the third day of each month.
This indicates that the virus affects a range of popular applications including Microsoft Word, Excel, PowerPoint, Access, as well as Adobe Photoshop and Acrobat.
The Nyxem.e worm is quite similar to the recently discovered VB.bi/Blackmal/MyWife.d variants, which within 24 hours of emergence climbed to the third position on the list of dangerous viruses. According to F-Secure’s statistics, this new worm currently accounts for 7% of all virus notifications sent to the company.
F-Secure has decided to raise the alert level for the Nyxem.e worm to “2” – marking the first time the company has issued such a high alert since the Windows Metafile security flaw was discovered late last year.
