Sophos warns over reworked nachi worm

Anti-virus firm Sophos is warning PC users to be aware of a new version of the Nachi worm, Nachi.B, which attempts to remove the MyDoom virus and download Microsoft security patches to unprotected computers.

Nachi-B searches for unpatched computers and takes advantage of the same critical security hole in Microsoft Windows that was exploited by the Blaster worm last year.
Once located, Sophos says the worm infects the computer without asking the user's permission and hunts for traces of the MyDoom worms.
If a MyDoom infection is found, the Nachi-B worm attempts to remove it and download patches to fix the Microsoft vulnerability.
Graham Cluley, Sophos' senior technology consultant, said that while the virus author may think he is a modern-day Robin Hood, Nachi.B infects computers without permission, steals system resources and makes changes to a PC's setup and data.
He added that the worm can also cause unexpected conflicts on the user's PC.

Get daily email updates

SC Media's daily must-read of the most current and pressing daily news

By clicking the Subscribe button below, you agree to SC Media Terms and Conditions and Privacy Policy.