1
Quote
27 Aug 2010
Kaspersky Lab spots new breed of IM worm
Cyber criminals able to wreak havoc on several IM clients simultaneously
Security experts are warning users to be on guard against a new family of computer worms spreading via a variety of instant messaging (IM) clients.
Kaspersky Lab said it has detected four variants of the IM-Worm.Win32.Zeroll worm so far.
The malware is unusual because it is multi-lingual and is able to spread over several IM clients simultaneously, including Yahoo Messenger, Skype, Paltalk Messenger, ICQ, Windows Live Messenger, Google Talk and the XFire client for gamers.
The attack appears as a malicious link in an instant message that comes from an infected machine. Following the link takes the user not to the interesting picture they were promised, but an infected file and once the malware gains access to the user’s PC it opens the IM address book and sends itself to all clients.
IM-Worm.Win32.Zeroll is also able to gain control of a computer without the user’s knowledge, downloading other malicious programs.
Kaspersky Lab explained that the new breed of IM worm also connects to different IRC channels depending on the country and the IM clients located on the computer.
“It appears that the worm’s creators are currently in the early stages of their criminal activities,” said Dmitry Bestuzhev, Kaspersky Lab’s regional expert for Latin America.
“They are infecting as many machines as they can in order to get good offers from other crooks for such things as pay per install, spam and so on.”
Kaspersky Lab spots new breed of IM worm
Cyber criminals able to wreak havoc on several IM clients simultaneously
Security experts are warning users to be on guard against a new family of computer worms spreading via a variety of instant messaging (IM) clients.
Kaspersky Lab said it has detected four variants of the IM-Worm.Win32.Zeroll worm so far.
The malware is unusual because it is multi-lingual and is able to spread over several IM clients simultaneously, including Yahoo Messenger, Skype, Paltalk Messenger, ICQ, Windows Live Messenger, Google Talk and the XFire client for gamers.
The attack appears as a malicious link in an instant message that comes from an infected machine. Following the link takes the user not to the interesting picture they were promised, but an infected file and once the malware gains access to the user’s PC it opens the IM address book and sends itself to all clients.
IM-Worm.Win32.Zeroll is also able to gain control of a computer without the user’s knowledge, downloading other malicious programs.
Kaspersky Lab explained that the new breed of IM worm also connects to different IRC channels depending on the country and the IM clients located on the computer.
“It appears that the worm’s creators are currently in the early stages of their criminal activities,” said Dmitry Bestuzhev, Kaspersky Lab’s regional expert for Latin America.
“They are infecting as many machines as they can in order to get good offers from other crooks for such things as pay per install, spam and so on.”
Edited by zalternate, 30 August 2010 - 06:52 PM.
