ATTENTION:Here Comes Santa Claus Worm  Digg  Google  Spurl  Blink  Furl  Y! MyWeb  

A Santa Claus worm is attacking computers via instant messaging programs, according to anti-virus software companies.

nstant messaging, the computer equivalent of text messaging, is being more frequently targeted by malware writers. Christmas provides them with the perfect cover as e-cards and joke messages are sent in their millions.IMLogic warned last night that the IM.GiftCom.All worm presented itself as a harmless Santa Claus file, apparently sent from someone known to the recipient. Victims who clicked on a file link would see an image of Santa Claus but in the background the worm would be loaded on to their computer, IM Logic said. The worm would then send the same message to people on that person's address list.

Anti-virus company Sophos said that this was just the latest such malware to be making the rounds as instant messaging and chat programs, provided by companies including AOL, Microsoft and Yahoo!, came under fire.

However Graham Cluley, senior technology consultant at the company, said that such worms were less successful than ones sent via e-mail. They would only arrive if the recipient was logged on to the instant messaging program when they were sent. With e-mail the malware would arrive and wait in their inbox until the potential victim collected their e-mail. In both cases they would only work if the recipient chose to click on the link presented to them.

Many companies blocked their staff from using instant messaging other than within the firm, Mr Cluley said, effectively securing them from the outside world. He added that most anti-virus programs should catch such worms.

"We tend to find IM viruses travel more successfully between home users," he said.

He added that they were a growing problem, accounting for around 11 per cent of malware. "Never run unsolicited attachments, even if it appears to come from a friend," he advised.

"In the run up to Christmas a lot of people send joke programs - e-cards, Christmas cards. The problem is some of the viruses play on that."

Donal Casey, security consultant at the Morse consultancy, said that the Santa worm highlighted how important an IM policy could be within a company. "People are curious, this new worm really takes advantage of that. We find that, if not reminded regularly, once people see a message from someone on their buddy list, all common sense about suspicious attachments can go out of the window and they will follow the link."

Mr Cluley said that Sophos was not seeing the Santa Claus worm causing a particular problem so far and IMLogic said it was a "medium" threat.

Meanwhile, however, Mr Cluley said that the anti-virus world had received some good news today about the Sober worm. This often advised recipients that the FBI or other law enforcers were aware that they had visited illegal websites and asked them to hand themselves to the authorities.

German police reported that a child pornographer near Hanover had believed the worm's message and handed himself in, he said. Investigations found child pornography on his computers.

Article submitted by: Webshark
Last Update: 12-21-2005
Category: Security

Print | E-mail

Current rating: 5.42 by 88 users
Would you recommend this article to a friend?

Not a Chance 12345678910 Absolutely

Please register or sign-in to post comments.

Related News Stories

(9,233 reads) 07-05-2008
 · Fusion Security
(14,918 reads) 06-02-2007
 · NukeSentinel(tm)2.5.10 Critical Update
(13,706 reads) 05-07-2007
 · NukeSentinel(tm) 2.5.08 Maintainance Release
(15,130 reads) 03-15-2007
 · NukeSentinel(tm) 2.5.07 Reissued: Critical Update
(13,632 reads) 03-02-2007
 · NukeSentinel(tm) 2.5.06: Critical Update
(14,428 reads) 01-23-2007
 · NukeSentinel(tm) 2.5.05 released
(14,462 reads) 12-24-2006
 · NukeSentinel 2.5.04 released
(14,184 reads) 11-03-2006
 · NukeSentinel(tm) 2.5.03 Released
(18,043 reads) 10-19-2006
 · Php Nuke 8.0 Patched
(14,412 reads) 10-01-2006
 · ipBan Modification