Advanced instant messenger threat discovered

By on
Advanced instant messenger threat discovered

Yahoo! Messenger, Skype, Windows Live, and Google Talk among those targeted.

Warnings have been made about worms that are spreading via instant messaging (IM) clients.

Kaspersky Lab said that the new family of worms are multilingual and capable of infecting users via several IM clients simultaneously, including Yahoo! Messenger, Skype, Paltalk Messenger, ICQ, Windows Live Messenger, Google Talk and the XFire client for gamers.

Kaspersky said that four variants of IM-Worm.Win32.Zeroll have been detected so far. Kaspersky Lab said that once the worm penetrates a computer, it looks in the contact list of any IM client present and sends itself to all the addresses it finds. Infection occurs when a user follows what they think is a hyperlink in an instant message to an interesting picture, that leads to a malicious file.

IM-Worm.Win32.Zeroll also has backdoor functionality to gain control of a computer without the user's knowledge. Once it has penetrated a system, the worm contacts a remote command and control centre and after receiving its instructions it starts downloading other malicious programs.

Kaspersky Lab said it uses 13 different languages, including English, German, Spanish and Portuguese, sending users in various countries messages in a language that they will understand.
At the present time, Mexico, Brazil, Peru and the USA have seen the greatest numbers of infections, but many instances have also been recorded in Africa, India and European countries, particularly Spain.

Dmitry Bestuzhev, Kaspersky Lab's regional expert for Latin America, said: “It appears that the worm's creators are currently in the early stages of their criminal activities. They are infecting as many machines as they can in order to get good offers from other crooks for such things as pay per install, spam and so on.”

Kaspersky Lab also said that the new breed of IM worm connects to different IRC channels depending on the country and the instant messaging clients located on the computer. This means a hacker controlling a network of infected computers can classify them according to country and IM client and send out different commands, which is useful, for example, when distributing targeted spam.

See original article on scmagazineuk.com

Copyright © SC Magazine, US edition
Tags:

Most Read Articles

You must be a registered member of iTnews to post a comment.
| Register

Poll

New Windows 10 users, are you upgrading from...
Windows 8
Windows 7
Windows XP
Another operating system
Windows Vista
How should the costs of Australia's piracy scheme be split?
Rights holders should foot the whole bill
50/50
ISPs should foot the whole bill
Government should chip in a bit
Other
View poll archive

Whitepapers from our sponsors

What will the stadium of the future look like?
What will the stadium of the future look like?
New technology adoption is pushing enterprise networks to breaking point
New technology adoption is pushing enterprise networks to breaking point
Gartner names IBM a 'Leader' for Disaster Recovery as a Service
Gartner names IBM a 'Leader' for Disaster Recovery as a Service
The next era of business continuity: Are you ready for an always-on world?
The next era of business continuity: Are you ready for an always-on world?

Log In

Username:
Password:
|  Forgot your password?