IM.GiftCom.All Instant Messaging Worm Hits IM Networks
IMlogic has cautioned that a new instant messaging worm, IM.GiftCom.All, is being broadcast on the AOL, MSN and Yahoo! instant messaging networks.
This seasonally appropriate worm attempts to trick users into visiting a Web site that appears to be a harmless Santa Claus site, but in reality distributes a rootkit payload to the end-user.
The rootkit payload is often named gift.com and when executed hides itself on the user’s system, attempts to shut-down desktop antivirus software, and starts collecting the infected user’s information for broadcast over the Internet. Infected users may also further spread the worm by broadcasting the Web site URL to people on their buddy list.
The IMlogic Threat Center detected, quarantined, and blocked this latest attack using the IMlogic Real-Time Threat Protection System (RTTPS). RTTPS automatically protects against these new, previously unknown IM threats by providing in-depth analysis of client and message structure, network anomalies, and message content to identify IM threat propagation behavior and signatures.
IMlogic is rating the IM.GiftCom.All worm a “medium” security threat.
RSS |
Permanent Link
|
Del.icio.us
|
Cosmos
|
Digg
|
|
