Loading ...
Microsoft flees Germany to avoid patent dispute
Microsoft is moving its European software distribution to the Netherlands from Germany after being caught up in patent disputes with mobile phone and tablet maker Motorola Mobility Inc.
MXit launches new developer APIs
MXit has launched a new set of APIs for those who want to develop applications on the platform
Google Chrome overtakes Microsoft Internet Explorer
Google’s Chrome web browser overtook Microsoft’s Internet Explorer (IE) to become market leader globally
Linux Mint Cinnamon – A sweet alternative
Mint releases new desktop OS into already murky Linux desktop waters.
New worm spreads through almost all instant messengers
| James Etherington-Smith | August 26, 2010 | No comments |
James Etherington-Smith
James is journalist and sub-editor at MyBroadband, and editor at MyGaming. He is an avid gamer with an exceptional knowledge about gaming and related hardware...
| Full Profile |
Kaspersky Lab announced the detection of a new family of computer worms that are spreading via numerous instant messaging clients, from Windows Live to Xfire
Kaspersky Lab announced the detection of a new family of computer worms that are spreading through instant messaging (IM) clients.
What makes the worms distinct and highly unusual for this class of program is the fact that they are multilingual and capable of infecting users via several IM clients simultaneously, said Kaspersky.
They say that the IMs affected include Yahoo! Messenger, Skype, Paltalk Messenger, ICQ, Windows Live Messenger, Google Talk and the XFire client for gamers.
Four variants of this worm have been detected so far by Kaspersky, who have named the family IM-Worm.Win32.Zeroll. Once it penetrates a computer’s security settings, it searches present IM clients contact lists and sends itself to all the addresses it finds.
Infection occurs when a user follows what they think is a hyperlink to an interesting picture, which instead leads to a malicious file. The link appears in an instant message sent by an infected machine.
The fact that it is multilingual also makes the new family of IM worms stand out, Kaspersky stated. IM-Worm.Win32.Zeroll uses 13 different languages, including English, German, Spanish and Portuguese, sending users in various countries messages in a language that they will understand.
According to Kaspersky, Mexico, Brazil, Peru and the USA have seen the greatest numbers of infections to date, but many instances have also been recorded in Africa, India and European countries, particularly Spain.
IM-Worm.Win32.Zeroll also has backdoor functionality, Kaspersky warned. This means it can gain control of a computer without the user’s knowledge.
Once it has penetrated a system, the worm contacts a remote command and control centre. After receiving its instructions from the centre via IRC, IM-Worm.Win32.Zeroll starts downloading other malicious programs.
Kaspersky said that they found it interesting that this new breed of IM worm connects to different IRC channels depending on the country and the infected application. This means that a hacker controlling a network of infected computers can classify them according to the country and IM client and send out different commands, which is useful, for example, when distributing targeted spam.
“It appears that the worm’s creators are currently in the early stages of their criminal activities,” said Dmitry Bestuzhev, Kaspersky Lab’s Regional Expert for Latin America. “They are infecting as many machines as possible in order to gain financially from other hackers for things such as pay per install, spam and so on.”
New worm spreads through almost all instant messengers << Comments and views
