“Bot Herder” Jeanson James Ancheta, the BotNet operator taken down by the Feds, told colleagues of operating the botnet of more than 400,000 infected PCs, “It’s immoral, but the money makes it right.”

According to best estimates, as many as a half-million PCs world-wide are infected with a malicious “blackworm” code which is set to delete data from their hard drives on February 3rd. The worm, previously identified as the Kama Sutra worm, also known as Blackmal.E, Nyxem.E, Email-Worm.Win32.VB.bi, W32.Blackmal.E@mm worm, or W32/Nyxem-D, is set to wipe all Word, Excel, PowerPoint and PDF data from your hard drive! It’s being delivered in email with subjects like “School girl fantasies gone bad,” and “Re: sex video.”

The new Nyxem-D worm making the rounds has been dubbed the “Kama Sutra worm”, because it arrives in an email offering graphic sex images and videos. Also called Email-Worm.Win32.VB.bi, W32.Blackmal.E@mm worm, or W32/Nyxem-D, the email has such enticing subjects as “Kama Sutra pics!”, “Hot Movies”, “give me a kiss”, Miss Lebanon 2006″, “Part 1 of 6 Video clip”, “The Best Videoclip Ever”, “Arab sex DSC-00465.jpg”, “Fw: SeX.mpg”, “Fwd: Crazy illegal Sex!”, and “School girl fantasies gone bad.”

The Sober worm, and its fake email from the FBI, has accidentally caused a German pedophile to turn himself in!

You better watch out, you better not click – Santa Worm is coming to AIM. And the IM.GiftCom.All Santa Claus worm is targeting Yahoo and MSN messengers as well.

A new AIM worm, called IM.Myspace04.AIM, attempts to get you to download the clarissa17.pif file by appearing to interact with you. But give IM.Myspace04.AIM and clarissa17.pif the cold shoulder!

The newest version of the Sober worm disguises itself as a fake email from the FBI or fake email from the CIA. Most come from Steven Allison.

A new AOL Instant Messenger worm, SDBot.add, installs the rootkit Lockx.exe on your computer. In addition to the root kit, the AIM worm changes your searchpage to https://web.archive.org/web/20070525203505/http://www.eza1netsearch.com:80/sp2.php at eza1netsearch.com.

The BagleDI-U trojan is showing up in a lot of places this week. Being called Bagle.cd or Bagle.da, and hidden in an attached file called either “price_new.zip”, “price2.zip” or “09_price.zip”, it’s turning up all over the place.

Mepe.A is an instant messaging worm which says “te mandaron un recado conmigo” (I’ve been asked to give you a message), but which really gives you an infection instead.

Yusufali-A is a new trojan worm which censors web sites by minimizing your browser window and displaying a verse from the Koran which includes the phrase “Yusufali: Know, therefore, that there is no god but Allah, and ask forgiveness for they fault, and for the men and women who believe”

Wullik.B (W32.Wullik.B@mm) has infected the Zen Neeon MP3 player. Creative says that nearly 4,000 of the Zen Neeon MP3 players were shipped with the worm, and has issued a recall.

The Zobot Botzor.exe (a/k/a worm-rbot.cbq, rbot.cbq, and rbot.ebq) and Mytob worm authors are believed to have been arrested in Turkey and Morroco. Authorities in both countries, in cooperation with the FBI and Microsoft, arrested Farid Essebar and Atilla Ekici, using online nicknames Diab10 and Coder, who are believed to have authored the worms.

Online game community and security experts are warning about PrsKey.a, a keylogging worm which steals your username and password, and allows those behind it to steal all your game booty.

Microsoft has announced that they have just updated their Malicious Software Removal Tool (KB890830) to detect and remove the Zotob worm which brought down computer systems across the country this week. The Zotob worm has also been referred to in news reports as also Zobot, Botzor, Botzor.exe, worm-rbot.cbq, rbot.cbq, and…