Anyone who does not regularly sweep their machine for viruses might want to do so before the 3rd of February – that’s the date that the Nyxem virus is set to delete Word, Powerpoint, Excel and Acrobat files on infected machines, and I would guess that most readers would rather that this not happen. Nyxem is likely to have spread to many users, who would have got the nasty malware if they opened a mail attachment promising free porn.
Like many recent viruses, Nyxem tries to spread by making people open attachments on e-mail messages that are infected with the destructive code.
The subject lines and body text of the various messages Nyxem uses vary, but many falsely claim that pornographic videos and pictures are in the attachments.
On infected machines the virus raids address books to find e-mail addresses to send itself to.
The virus also tries to spread by searching for machines on the same local network as any computer it has compromised.
Starting on the 3rd of February, and continuing each month, the virus is set to overwrite 11 different types of file on infected machines. These are as follows:
DMP - Oracle files
DOC - Word document
MDB - Microsoft Access
MDE - Microsoft Access/Office
PDF - Adobe Acrobat
PPS - PowerPoint slideshow
PPT - PowerPoint
PSD - Photoshop
RAR - Compressed archive
XLS - Excel spreadsheet
ZIP - Compressed file
The destructive power of this virus is somewhat puzzling, in an age where malware writers have turned their hand to scams that make money, rather than cause chaotic destruction. Nevertheless, the threat of Nyxem highlights again the need for up to date anti-virus software, as well as keen vigilance when reading mails and opening attachments. But then, you all knew that already.