The Santa Claus worm doesn't care whether you've been naughty or nice, but it's making a list of PCs to infect this holiday season, according to a threat alert released by security firm IMlogic today.
A new instant-messaging worm called IM.GiftCom.All is making the rounds this holiday season. Rated as a "medium" threat by IMlogic, the worm attempts to get users of the instant-messaging networks run by America Online, Yahoo, and Microsoft to visit a seemingly festive Web site featuring Santa Claus.
The message comes from someone already present on a user's "buddy list," said Art Gilliland, vice president of products for IMlogic. It contains a supposed link to a URL starting with "santaclause.aol.com/a?|"
However, clicking on that link takes users to a different Web site and triggers the download of a malicious file to a user's PC, Gilliland said. That file is created using rootkit techniques, making it extremely difficult to detect with conventional antivirus or operating system tools, he said. Once resident on a system, the file tries to shut down antivirus software and collects personal information that can be redistributed over the Internet.
Users are advised to avoid clicking on anything sent through an instant-messaging system unless they have verified that the file or picture is legitimate and the sender intended to pass it along.
Santa Claus Worm
1 reply to this topic
0 user(s) are reading this topic
0 members, 0 guests, 0 anonymous users