IM worm acts as a come on to a Santa Claus site



According to Information Week, there’s a new IM worm out hitting the MSN, ICQ, Yahoo and AIM networks. It poses as a come on for a Santa Claus site. On visiting the site, users receive an unexpected “present” a rootkit which is hidden.


IMlogic said that the worm, dubbed “M.GiftCom.All,” is circulating on the MSN, AOL, ICQ, and Yahoo instant messaging services, is a “Medium” threat, a relatively rare classification for the Waltham, Mass.-based company. Most IM worms and Trojans listed on its Threat Center receive only a “Low” classification.

Like virtually all IM worms, M.GiftCom.All includes a URL in messages it spams out to contacts hijacked from previously-infected PCs. When users naively visit that site — which is billed as a harmless Santa site — a file is automatically downloaded to their computers.

The file, usually named “gift.com,” includes rootkit elements that cloaks it from security software. In addition, the downloaded executable tries to disable a number of anti-virus programs, adds a keylogger to the system to capture confidential information, and then spreads to others by snatching names from the user’s IM client contact list.

So, watch what the young (and young at heart) click on this season and always.

More details at IMLogic.

Related Posts

Blog Traffic Exchange Related Posts
  • The press covering the WMF bug It's always a strange mix between comedy and frustration to see the main media outlets cover a tech news item. I usually wince and brace myself when I see any tv news outlet take on a computer issue and likewise when I read newspapers and non-tech publications take on anything......
  • The Blackworm, Nyxem, KamaSutra Worm... Lot's of news following up on the Nyxem worm in the last few days. It's currently going under a number of names, the Kama Sutra Worm, Blackworm are some of the more common names. Sans has a page for information on the worm here. Microsoft has detailed manual removal instructions.......
  • Clampi Virus | Clampi Trojan The clampi virus is in the news in a couple places today. Surprisingly it's in Symantec's virus database since January and rated as a low risk. However, the sole purpose of this trojan is to monitor your Windows based computer for connections to more than 4500 different financial related sites......
Blog Traffic Exchange Related Websites
  • Understanding The Various Layers Of Web Development To realise web development fully, you first must understand what goes in to this process layer by layer. Here's what you have to know about it. One of the most important layers of web development is content. This is the main thing that pulls people to your site and this......
  • Effective Ways to Get Traffic to Affiliate Sites Traffic is one of the most difficult things to get as an affiliate. How do you get it without wasting your money and how do you get traffic that actually converts into sales or leads? One thing is absolutely clear to any affiliate who gets started promoting products: it’s virtually......
  • 2008 Web Design Competition Winners Just a quick note on the 2008 Web Design Competition Winners. While I don't agree with their choices (and I'm sure no one agrees with their choices for the simple reason that these things are so subjective), seeing who won is a great opportunity to see some of the new......
PDF24    Send article as PDF   

Similar Posts


See what happened this day in history from either BBC Wikipedia
Search:
Keywords:
Amazon Logo

Comments are closed.


Switch to our mobile site