If you use instant messaging on your computer, specifically instant messaging from AOL, MSN, Windows Messenger, ICQ or Yahoo, you need to be aware of a new, Christmas-themed worm attack that is now underway. And, as we have been warning, it is in the form of a rootkit attack.
The worm, identified as IM.GiftCom.All, attempts to trick users into clicking on a malicious URL. The link lures the target into visiting a harmless Santa Claus Web site, but actually installs a rootkit payload to the victim's machine. The rootkit payload is often named gift.com and when executed, hides itself on the user's system, attempts to shutdown desktop anti-virus software and starts collecting the infected user's information for broadcast over the Internet. Once a machine becomes infected, the worm takes control of the user's buddy list and broadcasts itself to all available recipients.
Using Christmas themes as a lure for scams, worms, viruses and phishing scams is not new. In fact, researchers warn that Christmas 2005 will be the worst year ever. Last year there were 8,829 different phishing campaigns in December. Look for much more this year. The real problem with phishing e-mail is that they look like e-mail that you would expect to receive during this time of year.
In one example this year, scammers crafted an e-mail that looks like it came from eBay. The mail announces, "Christmas is coming!" and encourages recipients to click on a link to "www.ebaychristmas.net" for advice on "seasonal selling." Though they appear legitimate, the e-mail message and the Web site are fraudulent.
Security experts have also warned of malicious software that can pose as an electronic Christmas card, like last year's Zafi pest. They advise consumers not to open e-mail attachments and to send friends Christmas greetings in plain text or via traditional mail.
You have been warned!
No comments:
Post a Comment