CME-24 Porn Virus: First Unplug Your Network!

Feb 3, Step One: Unplug the Ethernet connection before you turn on each networked computer. Why?

The porn virus affectionately known as Kama Sutra makes its first penetration when some sex-starved knothead opens a beckoning email attachment.

But once CME-24 makes it onto one system, it trashes the registry settings for anti-virus software to keep it from running at startup. Then CME-24 can spread like wildfire via writable network shares on systems with blank administrator passwords, destroying every file with an extension of doc, xls, mdb, mde, ppt, pps, zip, rar, pdf, psd, or dmp.

That’s why unplugging a computer from the network will limit possible damage. And don’t forget laptops. They’re the most likely carrier for bypassing your network’s spam and virus filters.

FYI, CME-24 is also known as Blackmal.F, Grew.A, Kama Sutra, Kapser.A, MyWife.d, MyWife.E, Nyxem-D, Nyxem.e, Nyxem.F, Small.KI, Tearec.A, VB.bi, VB.NEI, VB-CD, VB.CIL, VB-8 and KillAV.GR. So feel free to call it anything that starts with an expletive.

Software at risk: Microsoft Windows NT, 2000 SP4, XP SP1/SP2, XP Prof x64, 2003, 2003 SP1, 2003 x64, 2003 Itanium, 2003 Itanium SP1, 98, 98 SE and Millennium Edition (ME).

Microsoft says that estimates claiming millions of infectees are likely exaggerated by… millions. We agree. After checking prevalence of CME-24 reports at F-Secure, Panda, Sophos, TrendMicro and our own trimMail Inbox network, we’re pretty sure most of the damage has already been done… by the hyperventilating news media.

Thus, if you updated your anti-virus software network-wide, you’re probably good to go. Unplug those computers before startup. Then take a break. You’ve earned it.