GiftCom worm emerges as festive threat
By Matt Whipp
Posted on 22 Dec 2005 at 10:58
Instant messaging security company IMLogic has warned of a festive threat affecting users of AIM, ICQ, MSN, Windows Messenger and Yahoo! IM services.
The IM.GiftCom.All worm sends out a web address to IM clients which, if clicked, will download an executable file, often named gift.com.
If run, the file installs itself as a rootkit into the system which then hides itself from Windows as well as other software, including antivirus software. The virus scans the registry, file system, and Internet cache, makes several networking calls and logs keystrokes on the keyboard. it also tries to shut down antivirus processes and may try and broadcast itself on to other instant message clients.
Companies such as F-Secure and Kaspersky are already developing rootkit detection technologies. You can download a beta of F-Secure's Blackight at the website.
- Is it worth upgrading a media centre to Windows 8?
- Flickr redesign: is it enough to tempt photographers back?
- Hands on with the new Google Maps
- Nokia Lumia 925 review: first look
- Why I won't subscribe to Creative Cloud
- GoPro camera strapped to a remote-control helicopter: the ultimate boy's toy
- Acer Iconia A1 review: first look
- Acer Aspire P3 review: first look
- Acer Aspire R7 review: first look
- How we produce the PC Pro podcast
- Yes, I write down my passwords
- How to deal with a ransomware attack
- How secure is your Wi-Fi network?
- How QR codes caught out the security pros
- Why I do not trust Do Not Track... yet
- The hard disks you can "secure" with a single-digit password
- Why I've started using a password manager
- Time to kill off CAPTCHA
- Are today's young people Generation I (for insecure)?
- Ransomware that's better made than antivirus software