Kama Sutra does little damage, report says

Few reports of damage to computers were reported Friday as a result of the a mass-mailing Kama Sutra worm, according to Symantec Security Response.

The worm, also known as W32.Blackmal.E@mm, attempted to deliver a payload that would overwrite user files such as Microsoft Office and PDF documents, a Symantec report said.

While investigating the workings of the payload, Symantec researchers determined that a flaw in the worm prevents it from doing damage to newer computers.

When Blackmal.E searched computer drives to find files to overwrite, the worm would skip the first drive and then try to overwrite files on the next drive. This meant that if a computer had a floppy drive (A:), it would skip it and move onto the next drive, which would generally be the user’s hard drive (C:), the report said.

However, if the computer did not have a floppy drive, which was common in newer machines, the first drive would be the hard drive (C:) which the worm would skip and try to overwrite files to the next drive (D:). In many cases this would be a CD/DVD ROM, which the worm would not be able to access and the process would then abort, the report said.

Symantec believed that the lack of damage could also be attributed to the availability of updated antivirus definitions for weeks in advance of the February 3 deadline.

User awareness, updating antivirus definitions and cleaning up infections ahead of the payload date also helped, the report said.

Symantec rated Kama Sutra as a Category 2 threat on a scale of 1 to 5 with 5 being the most severe. Kama Sutra attempts to disable and remove Internet security software. The worm is programmed to execute on the third day of every month. March 3 is the next target day.

“Even if data is safe, users infected should get a removal tool to clean and repair their systems,” said Vincent Weafer, senior director at Symantec Security Response.

Symantec recommends that users:

Would you recommend this article?

Share

Thanks for taking the time to let us know what you think of this article!
We'd love to hear your opinion about this or any other story you read in our publication.


Jim Love, Chief Content Officer, IT World Canada

Featured Download

IT World Canada Staff
IT World Canada Staffhttp://www.itworldcanada.com/
The online resource for Canadian Information Technology professionals.

Featured Articles

Cybersecurity in 2024: Priorities and challenges for Canadian organizations 

By Derek Manky As predictions for 2024 point to the continued expansion...

Survey shows generative AI is a top priority for Canadian corporate leaders.

Leaders are devoting significant budget to generative AI for 2024 Canadian corporate...

Related Tech News

Tech Jobs

Our experienced team of journalists and bloggers bring you engaging in-depth interviews, videos and content targeted to IT professionals and line-of-business executives.

Tech Companies Hiring Right Now