This Internet worm containing adult content did not cause the anticipated “data destruction disaster,” but security experts estimate that it infected between 469,507 and 946,835 PCs from January 15 to February 1, 2006.
The Center for Applied Internet Data Analysis (CAIDA) reported that among the (minimum) number of attacked computers mentioned above, most were located in India (32.2%), followed by Peru (18.7%), Italy (8.1%), Turkey (6%), and the United States (5.6%).
Nyxem was less prevalent in South America and the Middle East. CAIDA experts also noted that South America was attacked four days later than other regions, possibly because its author released a Spanish version.
While concerns about data destruction on computers from the Nyxem.D variant were widely covered in both technology and mainstream media, CAIDA asserted that the program is essentially unremarkable. According to their estimates, the total number of computers affected by Nyxem is less than those infected by other email viruses. CAIDA indicated that there were very few reports from users about lost data, but they also mentioned that it is challenging to comprehensively assess the extent of the damage.
Security experts advise computer users connected to the Internet not to be overly optimistic about having defeated Nyxem, as scanning and eliminating it from personal and business systems will incur significant costs.
Nyxem.D is a virus designed to overwrite content in Word and Excel document files on infected computers on the 3rd of each month, starting from the preceding Friday. This virus spreads via email with “bait” messages that feature adult images. Nyxem.D will continue to wreak havoc, with its next outbreak expected to occur on March 3.
