Thursday, September 2, 2010
Kaspersky Lab identified a new type of Worm that spreads through Instant Messaging
Four variants of this worm have been detected by Kaspersky Lab specialists today. The name «IM-Worm.Win32.Zeroll» has been given to this family of malicious programs. Once the worms are infiltrating a user's computer, look at the list of contacts is located on the messagingkai applications instant distraction. To infect a computer, the worms are using a link that supposedly leads to an interesting picture. In fact, the link leads to a malicious file. The spread is via instant messaging from computers that have already been raised.
The fact that this new family of worms can use multiple languages is something that sets it apart from other similar programs. Specifically, the worms of the family of IM-Worm.Win32.Zeroll using 13 different languages, including English, German, Spanish and Portuguese, to send messages to users from different countries. So far, most attacks have occurred in Mexico, Brazil, Peru and the U.S., there have been several incidents in Africa and India but also in countries of Europe - especially Spain.
Malware family IM-Worm.Win32.Zeroll can gain control of a computer without the user realizing it. Just invade the computer communicate with a remote command and control center. After receiving commands from the center channel through Internet Relay Chat (IRC), they download other malicious programs. It is interesting that this new type of worm is associated with various channels of IRC, depending on the country and each platform instant messaging. This means that the hacker has control of a network of infected computers can make a classification based on the country and the platform and to send different commands to computers. This feature is especially useful to criminals on the Internet for activities such as targeted attacks spam.
"It seems that the creators of this worm are at an early stage of the criminal activity. Currently infect as many computers can, so then hire "services" to other unscrupulous attacks on pay per install, spam, etc., "said Dmitry Bestuzhev, Regional Expert for Latin America of Kaspersky Lab.
Note that all solutions of Kaspersky Lab detected and successfully undermined the variations of this new family of worm.