The latest incarnation of the Opanki worm, which spreads itself using AOL Instant Messenger, has begun targeting iTunes users.

The worm appears as a message headed 'this picture never gets old' and carries as a payload a link to a file called itunes.exe. Anyone who clicks on the link to download the Apple app receives the worm, which modifies Windows to ensure it runs whenever the host machine is restarted, and downloads a set of four adware programs.

According to anti-virus specialist Trend Micro, the worm also opens a random TCP port, and connects to an IRC server where it listens out for commands which, if received, it will run on the infected machine.

Trend rates the threat as low, noting that it has detected relatively few infected computers out there. The worm targets Windows PCs running all versions of the operating system from 95 onwards. ®

Related stories

'Alien greeting' harbours Windows malware (http://www.theregister.co.uk/2005/07/20/alien_worm/)
Malware maelstrom menaces UK (http://www.theregister.co.uk/2005/07/18/malware_blitz/)
Industry coalition takes stab at defining spyware (http://www.theregister.co.uk/2005/07/12/asc_anti-spyware_coalition/)
Adware makers exploit BitTorrent (http://www.theregister.co.uk/2005/06/17/adware_outbreak_bittorrent/)
Hackers plot to create massive botnet (http://www.theregister.co.uk/2005/06/03/malware_blitz/)
VXers creating 150 zombie programs a week (http://www.theregister.co.uk/2005/01/05/mcafee_avert_report/)