GiftCom worm emerges as festive threat
By Matt Whipp
Posted on 22 Dec 2005 at 10:58
Instant messaging security company IMLogic has warned of a festive threat affecting users of AIM, ICQ, MSN, Windows Messenger and Yahoo! IM services.
The IM.GiftCom.All worm sends out a web address to IM clients which, if clicked, will download an executable file, often named gift.com.
If run, the file installs itself as a rootkit into the system which then hides itself from Windows as well as other software, including antivirus software. The virus scans the registry, file system, and Internet cache, makes several networking calls and logs keystrokes on the keyboard. it also tries to shut down antivirus processes and may try and broadcast itself on to other instant message clients.
Companies such as F-Secure and Kaspersky are already developing rootkit detection technologies. You can download a beta of F-Secure's Blackight at the website.
From around the web
advertisement
- Laptop bag reviews: nine tested
- Sony VAIO T Series Ultrabook review: first look
- Revealed: the military standards and robots HP uses to test its laptops
- Windows 8: multi-monitors and double standards?
- Why is TalkTalk's year-old porn filter suddenly big news?
- Why are laptop screens so far behind mobiles?
- HP EliteBook Folio review: first look
- The shoebox-sized all-in-one printer
- Forget the Ultrabook: here comes the HP Sleekbook
- HP Spectre XT review: first look
- Why you have to be left in the dark on OS patches
- Publishing your email address isn't a security disaster
- Why antivirus is fighting a losing battle in your office
- Four year olds used to steal their parents' data
- An acceptable use policy for your kids
- Paying for your crimes with Bitcoin
- Pavement hacking: What it is and how to avoid it
- Google's risky pre-loaded pages
- Mac under attack: how secure is Apple's OS?
- Has your browser been hijacked?
advertisement
