Detecting BlackWorm (Nyxem, Kamasutra) Without Signatures (Sat, Jan 28th)

 


Detecting BlackWorm Without Signatures (NEW)

Published: 2006-01-28
Last Updated: 2006-01-28 20:19:24 UTC by Lenny Zeltser (Version: 1)

An article in the German magazine PC-WELT describes a study of anti-virus vendors' ability to detect BlackWorm when it first hit the Net. The analysis, performed by the AV-Test lab, points out that some vendors were able to detect the worm without the need for BlackWorm-specific signatures, while others needed to release new signatures.

Signature-based detection mechanisms have been essential to anti-virus products' ability to recognize malicious code. Over the past several years, anti-virus vendors have made strides in heuristic and behavioral detection algorithms, and I am glad to see that these measures in several products were effective at stopping this worm.


NOTE: Panda and Kaspersky were noted as two of the vendors that stopped Nyxem/Kamasutra/Blackmal without a new signature. 

Submitted by cybernoggin on Sat, 01/28/2006 - 3:41pm.