IM worm acts as a come on to a Santa Claus site



According to Information Week, there’s a new IM worm out hitting the MSN, ICQ, Yahoo and AIM networks. It poses as a come on for a Santa Claus site. On visiting the site, users receive an unexpected “present” a rootkit which is hidden.


IMlogic said that the worm, dubbed “M.GiftCom.All,” is circulating on the MSN, AOL, ICQ, and Yahoo instant messaging services, is a “Medium” threat, a relatively rare classification for the Waltham, Mass.-based company. Most IM worms and Trojans listed on its Threat Center receive only a “Low” classification.

Like virtually all IM worms, M.GiftCom.All includes a URL in messages it spams out to contacts hijacked from previously-infected PCs. When users naively visit that site — which is billed as a harmless Santa site — a file is automatically downloaded to their computers.

The file, usually named “gift.com,” includes rootkit elements that cloaks it from security software. In addition, the downloaded executable tries to disable a number of anti-virus programs, adds a keylogger to the system to capture confidential information, and then spreads to others by snatching names from the user’s IM client contact list.

So, watch what the young (and young at heart) click on this season and always.

More details at IMLogic.

Related Posts

Blog Traffic Exchange Related Posts
  • How to Remove Anti-Virus Elite | Anti-Virus Elite Removal Guide Anti-Virus Elite is a rogue antivirus application. These rogue antivirus applications pose as a legitimate security application, but in reality is a scam to try to trick you out of money. They will find and claim that there are multiple security problems with your computer. They will claim that you......
  • Out of Cycle Windows Update - Patch Today Yesterday news broke of an out of cycle security patch for Windows. The bulletin is available from Microsoft. Apparently the vulnerability was in the Windows Server service (XP, 2003, 2000, 2008, Vista ALL affected though regardless of server/workstation/client/desktop/etc...). The RPC handling (remote procedure call) is the achilles heel this time......
  • Clampi Virus | Clampi Trojan The clampi virus is in the news in a couple places today. Surprisingly it's in Symantec's virus database since January and rated as a low risk. However, the sole purpose of this trojan is to monitor your Windows based computer for connections to more than 4500 different financial related sites......
Blog Traffic Exchange Related Websites
  • Are Annuities the New Pension? I have thought and written extensively about the benefits, costs, and risks of immediate and variable annuities for retirement. Now even the White House is suggesting that more boomers consider using annuities to provide lifetime retirement income. In his State of the Union address, President Obama talked about economically supporting......
  • Will StumbleUpon Work for Your Corporate Blog? If you are not familiar with the site called StumbleUpon, it is a service that allows users to discover new sites. With the use of a toolbar (spyware free), users of StumbleUpon can find new sites that are related to their interests, or they can choose a random option. Millions......
  • Download any .dll file that is Missing in Your Computer Well Folks, some of you might be facing problems related to .dll files. You can download missing .dll files from sites given below: DLL-files.com - Download all your missing dll-files. DllDump - free dll files. download dll files you need immediately! InfDump.com - download inf files you need immediately! OcxDump.com......
PDF24    Send article as PDF   

Similar Posts


See what happened this day in history from either BBC Wikipedia
Search:
Keywords:
Amazon Logo

Comments are closed.


Switch to our mobile site