IM worm hits Reuters
Print storyBreaking news
Posted in Anti-Virus, 15th April 2005 11:00 GMT
Free whitepaper – Securing your online data transfer with SSL
Reuters was temporarily forced to shut down its instant messaging service Thursday after a computer worm spread across its network. The culprit - Kelvir-U - is a variant of a worm family that targets MSN and Windows Messenger clients and previously posed no risk to Reuters' tightly-controlled messaging network. This is the first incident where a virus has targeted a privately controlled user community, IM security firm IMlogic reports.
Security firm Akonix reports that it has received "multiple reports from organizations whose networks have been compromised by the Kelvir worm". It said the latest Kelvir variant is rapidly spreading over instant messaging (IM) networks.
Like other social engineering attacks, the Kelvir-U worm sends an IM to people on an infected user's contact list that encourages the recipient to click on a URL link within the message. Once the link is opened, a version of the Spybot worm is downloaded and the worm then sends itself to the newly-infected user's contact list. Spybot opens up a backdoor on infected machines allowing them to be subsequently misused by hackers for nefarious purposes, such as distributing spam. ®
Related stories
MSN Messenger worm seeds zombie networks
Bofra exploit tied to 'massive botnet'
Botched maintenance - not worm - blamed for MS IM glitch
Download.Ject-style worm spreads via IM
Free whitepaper – Certify your software integrity with Thawte code signing certificates
The business case for application security
Reducing messaging and web security costs with managed services
Avoiding 7 common mistakes of IT security compliance
Server-gated cryptography
Airport insecurity: the case of lost laptops
Feds: Hospital hacker's 'massive' DDoS averted
Buggy 'smart meters' open door to power-grid botnet
Microsoft knew of nasty IE bug a year before attacks
BlockMaster SafeStick hardware-encrypted USB drive