Users of instant messaging systems MSN, AIM, ICQ, and Yahoo could get smacked with a worm that entices people to click on a link to Santa Claus.
This gift is one you'll wish you'd never opened. The IM.GiftCom.All worm arriving by those IM systems or over Windows Messenger appears to be a URL linked to a picture of Santa Claus. IMLogic, which discovered the worm, posted that clicking the URL launches an executable file.
Once that file gets started, it embeds itself into the PC as a rootkit, and scans the registry, file system, and Internet cache.
IMLogic also said the process hides from antivirus and other system tools that might detect it. The worm also logs keystrokes and may also try to spread itself to other users over IM to usernames it grabs from those services on the infected PC.
While its method of distribution doesn't make it a big threat, the amount of damage it can do to a system caused IMLogic to rate it as a Medium threat, a company executive told CNet News.
Users and administrators should ensure they are running the most current versions of their antivirus engines and that signature files have been updated to help repel the threat. Also, people will want to be careful about clicking on links in messages that arrive unexpectedly, even if they appear to be from a legitimate messaging buddy.
Lawrence,
Expediters Online.com
Sacred cows make the best burgers
"So tell me, are those cookies made with real Girl Scouts?"
Sometimes the squeaky wheel doesn't get the grease, it just gets replaced
You can't tell a book by its movie
-----------------------------------------
Thanks For Visiting EO!
http://www.expeditersonline.com/hotnews/sterling_eo_forum.jpg
Please Help Us Get The Word
Out About Expediters Online.com!
-----------------------------------------
This gift is one you'll wish you'd never opened. The IM.GiftCom.All worm arriving by those IM systems or over Windows Messenger appears to be a URL linked to a picture of Santa Claus. IMLogic, which discovered the worm, posted that clicking the URL launches an executable file.
Once that file gets started, it embeds itself into the PC as a rootkit, and scans the registry, file system, and Internet cache.
IMLogic also said the process hides from antivirus and other system tools that might detect it. The worm also logs keystrokes and may also try to spread itself to other users over IM to usernames it grabs from those services on the infected PC.
While its method of distribution doesn't make it a big threat, the amount of damage it can do to a system caused IMLogic to rate it as a Medium threat, a company executive told CNet News.
Users and administrators should ensure they are running the most current versions of their antivirus engines and that signature files have been updated to help repel the threat. Also, people will want to be careful about clicking on links in messages that arrive unexpectedly, even if they appear to be from a legitimate messaging buddy.
Lawrence,
Expediters Online.com
Sacred cows make the best burgers
"So tell me, are those cookies made with real Girl Scouts?"
Sometimes the squeaky wheel doesn't get the grease, it just gets replaced
You can't tell a book by its movie
-----------------------------------------
Thanks For Visiting EO!
http://www.expeditersonline.com/hotnews/sterling_eo_forum.jpg
Please Help Us Get The Word
Out About Expediters Online.com!
-----------------------------------------