TechShoutAdd to My AOL, MyYahoo, Google, Bloglines


Worm called IM-Worm.Win32.Kelvir.WMF.A Scattering All Over MSN IM Network

          0 Votes
Friday, January 6th, 2006 | Related entries: Security

New IM Worm Identified Akonix Systems Inc. has recognised a new instant messaging (IM) worm named IM-Worm.Win32.Kelvir.WMF.A, which exploits the MSN IM network to spread the newly discovered Windows Meta File (WMF) vulnerability on users’ PCs.

The Akonix Security Center termed the worm as medium risk and is working with its IM network partner to immediately protect customers against this threat.

The IM-Worm.Win32.Kelvir.WMF.A spreads over the MSN IM network using the link http://[snip]/xmas-2006 FUNNY.jpg. This jpg is actually an HTML page that contains a WMF file, taking advantage of a security vulnerability first identified on December 27. Opening the above link in a browser will infect users’ computers by downloading an SDBot that is instructed to download the IM-Worm.Win32.Kelvir.WMF.A virus. In turn, this attempts to re-propagate the worm by using an IM buddy list.

Akonix said that since the discovery of the WMF vulnerability one week ago, this is the first time it is being exploited as an IM-based threat. The company does not expect a patch for the WMF security hole to be issued uptil Tuesday, January 10.

Instant messaging is the simplest way for hackers to take advantage of this security infringe because users simply need to click a link in an IM conversation to get directed to a Web site infecting their machines. Akonix said that anti-virus software may not offer protection against the worm, and has advised enterprises to warn employees of this potential IM security risk.

Akonix L7 Enterprise systems are automatically configured to download and install the latest updates to the Akonix SPIM & Malware Filter, and no IT intervention is required. Akonix L7 Enterprise combines dynamically updated IM security policies and incorporated anti-virus scanning to provide protection for corporate networks from IM-based attacks. Akonix has advised other organisations to ensure all desktop computers are updated with the latest security patches, and that all public IM use is securely managed.

In its Q4 2005 IM Threat Watch report, Akonix said that the Akonix Security Center in 2005 issued a total of 233 SPIM and malware filter updates, compared to only eight in 2004, an increase of approximately 2,800%.

RSS | Permanent Link  |   book mark Worm called IM-Worm.Win32.Kelvir.WMF.A Scattering All Over MSN IM Network in del.icio.usDel.icio.us  |   See this page in technoratiCosmos  |   submit Worm called IM-Worm.Win32.Kelvir.WMF.A Scattering All Over MSN IM Network to digg.comDigg  |   submit Worm called IM-Worm.Win32.Kelvir.WMF.A Scattering All Over MSN IM Network to slashdot.comSlashdot
|

Related:

« Samsung, Verizon Wireless Launch the Chic SCH-i830 Smartphone
Microsoft Explorer 7.0 Shares an Uncanny Similarity to Firefox »

Leave a Reply

*
To prove you're a person (not a spam script), type the security word shown in the picture.
Anti-Spam Image

 
Web TechShout.com