The Kama Sutra Worm: A Real Threat

By Jacques Dady Jean

CEO Town Computer Advanced Technical Services

 

“Although Microsoft posted a security advisory warning the world about the Kama Sutra/Blackmail/Mywife, they will not issue a removal tool until February 14, almost 2 weeks after the malicious software began to claim victims; meanwhile, their anti-virus security partners were busy promoting their latest anti-virus and internet security software.”

 

As the CEO of Town Computer, a Massachusetts-based national computer repair center and network security consulting firm, I put in place a rapid response team to deal with the possible dilemma that may be caused by the Kama Sutra, also known as Nyxem, Blackmail or Mywife. Contrary to the propaganda orchestrated by Microsoft and its affiliates aimed at downplaying the severity of the epidemic, the Kama Sutra has already triggered extensive damage, destroying important computer data all over the world. Last week alone, we recorded in our shops 163 PCs and laptops infected by the worm nationwide, and we served nearly 200 other customers by phone and through our website who alleged that their PC was infected by the worm. Although this number sounds small, it is alarming. The cost of disaster recovery for data overwritten by Kama Sutra ranges between $2500 and $3000; many small businesses have a hard time covering such unexpected expenses.

 

From experience, only Microsoft products are always attacked by this kind of malicious software; users of Sun Microsystems and Mac products have never been exposed to any threat.

 

Microsoft’s claim that the Kama Sutra threats were overblown by the media is not correct, and neither is the highly publicized estimate made by CAIDA (Cooperative Association for Internet Data Analysis) stating that only between 469,000 and 947,000 computers worldwide are affected by Kama Sutra. It is almost impossible to track and measure the spread of an email virus. In fact, they have not specified how they even get these numbers. There are thousands of small computer repair centers and geeks providing convenient computer and network services, and so far there is no formal or informal, private or public institution to which they can report revealing computer issues that may be of national interest.

 

As we all know, the computer industry is not regulated; it is not like the health care industry, where the medical community is required to report certain cases of infectious diseases to their local CDC.

 

Microsoft is downplaying the catastrophic effect of the malware because their anti-malware team had plenty of time to act on the threat and prevent the virus from causing any damage to their customers. Although Microsoft posted a security advisory warning the world about the Kama Sutra/Blackmail/Mywife, they will not issue a removal tool until February 14, almost 2 weeks after the malicious software began to claim victims; meanwhile, their anti-virus security partners were busy promoting their latest anti-virus and internet security software.

 

 

As far as we know, the Kama Sutra is a small Visual Basic executable file, less than 100 Kb; it also contains a malicious payload designed to overwrite files with certain extensions on the 3rd of every month. Affected file types include: .doc, .xls, .mdb, .mde, .ppt, .pps, .zip, .rar, .pdf, .psd, and .dmp. If you have not been infected this month, the possibility of getting infected is still high.
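
For anyone who wants to know what is at stake on a given machine before the next 3rd of the month, here is an added example (not part of the original article, and not a removal tool): a Python script that inventories files with the extensions listed above, records a hash for each, and can later compare two inventories to show which files were overwritten or lost. The function names and the idea of a hash manifest are assumptions made for this illustration.

```python
import hashlib
import os
from datetime import date

# Extensions the article lists as overwritten by the payload.
TARGETED = {".doc", ".xls", ".mdb", ".mde", ".ppt", ".pps",
            ".zip", ".rar", ".pdf", ".psd", ".dmp"}

def next_payload_date(today):
    """Next 3rd of a month on or after `today` (the payload's trigger day)."""
    if today.day <= 3:
        return today.replace(day=3)
    if today.month == 12:
        return date(today.year + 1, 1, 3)
    return date(today.year, today.month + 1, 3)

def sha256_of(path):
    h = hashlib.sha256()
    with open(path, "rb") as f:
        for chunk in iter(lambda: f.read(65536), b""):
            h.update(chunk)
    return h.hexdigest()

def at_risk_manifest(root):
    """Sorted (relative_path, size, sha256) for each targeted file under root."""
    rows = []
    for dirpath, _dirs, files in os.walk(root):
        for name in files:
            if os.path.splitext(name)[1].lower() not in TARGETED:
                continue
            full = os.path.join(dirpath, name)
            try:
                rows.append((os.path.relpath(full, root),
                             os.path.getsize(full), sha256_of(full)))
            except OSError:
                continue  # locked or unreadable: skip it, keep the inventory going
    return sorted(rows)

def changed_since(old_manifest, new_manifest):
    """Paths from the old manifest whose content changed or that have vanished."""
    new = {path: digest for path, _size, digest in new_manifest}
    return sorted(p for p, _size, digest in old_manifest if new.get(p) != digest)

if __name__ == "__main__":
    import sys
    root = sys.argv[1] if len(sys.argv) > 1 else "."
    today = date.today()
    print("days until next payload date:", (next_payload_date(today) - today).days)
    for path, size, digest in at_risk_manifest(root):
        print(digest, size, path)
```

Save the manifest together with an offline backup of the listed files; running `changed_since` on a later manifest shows exactly which documents need to be restored.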

 

Computers infected with Nyxem automatically generate a unique HTTP request for the URL of an online statistics page, allowing the publisher to track the progress of the worm.

 

The Kama Sutra is a real threat; the size of this malicious file and its propagation method make it easy to spread quickly. Be aware that the Kama Sutra may be modified and reappear in different and more advanced forms.