IM worm acts as a come on to a Santa Claus site



According to Information Week, there’s a new IM worm out hitting the MSN, ICQ, Yahoo and AIM networks. It poses as a come on for a Santa Claus site. On visiting the site, users receive an unexpected “present” a rootkit which is hidden.


IMlogic said that the worm, dubbed “M.GiftCom.All,” is circulating on the MSN, AOL, ICQ, and Yahoo instant messaging services, is a “Medium” threat, a relatively rare classification for the Waltham, Mass.-based company. Most IM worms and Trojans listed on its Threat Center receive only a “Low” classification.

Like virtually all IM worms, M.GiftCom.All includes a URL in messages it spams out to contacts hijacked from previously-infected PCs. When users naively visit that site — which is billed as a harmless Santa site — a file is automatically downloaded to their computers.

The file, usually named “gift.com,” includes rootkit elements that cloaks it from security software. In addition, the downloaded executable tries to disable a number of anti-virus programs, adds a keylogger to the system to capture confidential information, and then spreads to others by snatching names from the user’s IM client contact list.

So, watch what the young (and young at heart) click on this season and always.

More details at IMLogic.

Related Posts

Blog Traffic Exchange Related Posts
  • Out of Cycle Windows Update - Patch Today Yesterday news broke of an out of cycle security patch for Windows. The bulletin is available from Microsoft. Apparently the vulnerability was in the Windows Server service (XP, 2003, 2000, 2008, Vista ALL affected though regardless of server/workstation/client/desktop/etc...). The RPC handling (remote procedure call) is the achilles heel this time......
  • How to Remove Virus Doctor (or Remove VirusDoctor) | Virus Doctor Removal It looks as though that Virus Doctor (or Virusdoctor) is an older rogue antivirus application, but since it seems related to the search I was seeing lot's of last night about rootscan.info I thought I would devote an article to the removal instructions for virus doctor. Since it may be......
  • How to Remove Anti-Virus Elite | Anti-Virus Elite Removal Guide Anti-Virus Elite is a rogue antivirus application. These rogue antivirus applications pose as a legitimate security application, but in reality is a scam to try to trick you out of money. They will find and claim that there are multiple security problems with your computer. They will claim that you......
Blog Traffic Exchange Related Websites
  • Having Your Bid On - Auctions Are Available It has benefited people that enjoy on-line shopping and enables them have opportunity to buy their favorite products below minimal charge. Unfortunately, buying goods through (bidding online) web sites has now become a possible danger. Given the significance of penny auction web sites on the web, there have come a......
  • Will StumbleUpon Work for Your Corporate Blog? If you are not familiar with the site called StumbleUpon, it is a service that allows users to discover new sites. With the use of a toolbar (spyware free), users of StumbleUpon can find new sites that are related to their interests, or they can choose a random option. Millions......
  • Effective Ways to Get Traffic to Affiliate Sites Traffic is one of the most difficult things to get as an affiliate. How do you get it without wasting your money and how do you get traffic that actually converts into sales or leads? One thing is absolutely clear to any affiliate who gets started promoting products: it’s virtually......
www.pdf24.org    Send article as PDF   

Similar Posts


See what happened this day in history from either BBC Wikipedia
Search:
Keywords:
Amazon Logo

Comments are closed.


Switch to our mobile site