Network News

X My Profile
View More Activity

Instant Message, Instant Virus

Judging from several recent reports from Internet security organizations, virus writers are increasingly targeting instant messaging programs. The SANS Internet Storm Center said today that it has received multiple reports over the weekend of viruses spreading via AOL Instant Messenger (AIM) and Microsoft Messenger. Websense also put out an advisory today about an AIM virus.

According to the latest virus information from TrendMicro, four out of ten of the top online threats at the moment arrive via instant message. Given that Microsoft recently released patches to plug several "critical" security flaws in its Messenger program, the threat of viruses and worms through instant messaging could worsen in the near future.

One of the most pervasive IM worms, dubbed by some anti-virus companies as "Kelvir", has spawned at least 27 variants since it first arrived on the scene in early March. One version of the worm struck online news service Reuters last month, crippling the company's messaging service for 24 hours.

Instant message viruses usually spread by tricking recipients into clicking on a link in a short message that says something like "Hey, check this out." Based on the information provided in a writeup of the latest Kelvir worm from Symantec Corp., IM users definitely do not want to do that: Once downloaded to a machine, Kelvir quietly downloads more software that turns the victim's computer into a spam relay. Kelvir also can log anything you type on your keyboard and e-mail the data to identity thieves, even capture snapshots of anything that you see on your computer monitor, snag footage from your Web cam, as well as any information stored on your computer's clipboard.

Instant messaging also is becoming an increasingly popular medium for "phishing," scams that try to trick computer users into visiting an authentic-looking Web site and entering personal and financial details, according to a report released late last week by the Anti-Phishing Working Group.

By Brian Krebs  |  May 2, 2005; 3:22 PM ET
Categories:  Latest Warnings  
Save & Share:  Send E-mail   Facebook   Twitter   Digg   Yahoo Buzz   Del.icio.us   StumbleUpon   Technorati   Google Buzz   Previous: 'Extremely Critical' Flaws Found in Netscape Browser
Next: More Security Updates for Mac OS X

No comments have been posted to this entry.

The comments to this entry are closed.

 
 
RSS Feed
Subscribe to The Post

© 2010 The Washington Post Company