«
»

IM worm acts as a come on to a Santa Claus site



According to Information Week, there’s a new IM worm out hitting the MSN, ICQ, Yahoo and AIM networks. It poses as a come on for a Santa Claus site. On visiting the site, users receive an unexpected “present” a rootkit which is hidden.


IMlogic said that the worm, dubbed “M.GiftCom.All,” is circulating on the MSN, AOL, ICQ, and Yahoo instant messaging services, is a “Medium” threat, a relatively rare classification for the Waltham, Mass.-based company. Most IM worms and Trojans listed on its Threat Center receive only a “Low” classification.

Like virtually all IM worms, M.GiftCom.All includes a URL in messages it spams out to contacts hijacked from previously-infected PCs. When users naively visit that site — which is billed as a harmless Santa site — a file is automatically downloaded to their computers.

The file, usually named “gift.com,” includes rootkit elements that cloaks it from security software. In addition, the downloaded executable tries to disable a number of anti-virus programs, adds a keylogger to the system to capture confidential information, and then spreads to others by snatching names from the user’s IM client contact list.

So, watch what the young (and young at heart) click on this season and always.

More details at IMLogic.

Popularity: 1% [?]

PDF Download    Send article as PDF   
Blog Traffic Exchange Related Posts
  • Out of Cycle Windows Update - Patch Today Yesterday news broke of an out of cycle security patch for Windows. The bulletin is available from Microsoft. Apparently the vulnerability was in the Windows Server service (XP, 2003, 2000, 2008, Vista ALL affected though regardless of server/workstation/client/desktop/etc...). The RPC handling (remote procedure call) is the achilles heel this time......
  • How to Remove Anti-Virus Elite | Anti-Virus Elite Removal Guide Anti-Virus Elite is a rogue antivirus application. These rogue antivirus applications pose as a legitimate security application, but in reality is a scam to try to trick you out of money. They will find and claim that there are multiple security problems with your computer. They will claim that you......
  • Major botnet building and the massive jump in spam For a few months now (since the demise of bluefrog actually) I've noticed that the level of junk mail has gone up on my own mail server. Yes, I use spamassassin to filter and tag, but the volume of stuff that's tagged has gone up (as well as the volume......
Blog Traffic Exchange Related Websites
  • 2008 Web Design Competition Winners Just a quick note on the 2008 Web Design Competition Winners. While I don't agree with their choices (and I'm sure no one agrees with their choices for the simple reason that these things are so subjective), seeing who won is a great opportunity to see some of the new......
  • Understanding The Various Layers Of Web Development To realise web development fully, you first must understand what goes in to this process layer by layer. Here's what you have to know about it. One of the most important layers of web development is content. This is the main thing that pulls people to your site and this......
  • Effective Ways to Get Traffic to Affiliate Sites Traffic is one of the most difficult things to get as an affiliate. How do you get it without wasting your money and how do you get traffic that actually converts into sales or leads? One thing is absolutely clear to any affiliate who gets started promoting products: it’s virtually......

Similar Posts


This entry was posted on Tuesday, December 20th, 2005 at 9:27 pm and is filed under Computers, Security, Viruses. You can follow any responses to this entry through the RSS 2.0 feed. Responses are currently closed, but you can trackback from your own site.

See what happened this day in history from either BBC Wikipedia
Search:
Keywords:
Amazon Logo

Comments are closed.

Switch to our mobile site