New IM, Valentine's Day threat disclosed

By on

Instant messenger users have another thing to worry about, according to security firm Symantec.

The company warned users this week about a recently discovered worm named W32.Maniccum in a posting on its Security Response Center.

"W32.Maniccum is a worm that opens a back door on the compromised computer and spreads via AOL and MSN instant messenger," Symantec warned, giving the worm a ranking of two out of five.

Once downloaded, the worm attempts to lower security settings before waiting for commands from a remote attacker. A malicious user can then access local files, create directories, execute a remote command, launch denial of service attacks or other functions.

Symantec also warned of a number of other worms spreading via email earlier this week. One of the worms, disclosed on the same day as Maniccum, is W32.Hotmatom, which "spreads via MSN Hotmail and deletes files from the compromised computer."

Hotmatom was also given a ranking of 2 out of 5.

Hotmatom is a Spanish-language worm that attempts to delete all files from the root director of the A and C drives before copying itself to the drives using the deleted file names with an .exe extension.

The worm attempts to get users to download its payload by claiming to be Valentine's Day romantic letters, postcards and photos.

Once downloaded, the worm spreads to all PCs in the local network. 

Copyright © SC Magazine, US edition
Tags:

Most Read Articles

Log In

Username:
Password:
|  Forgot your password?