Adware & Rootkits Continue to Move through Instant Messenger

Research experts at FaceTime Security Labs™, the threat research division of FaceTime Communications, identified and reported a new threat today affecting AOL Instant Messenger (AIM) applications.

The new worm targets PC hosts infected with lockx.exe or palsp.exe and utilizes IRC enabled malware to connect the host to a server for further infection through a series of commands. One of the commands has the ability to control the AIM client on the infected host and send a message containing links to the AIM buddy list.

When recipients click on the link they become infected with new variants of the IRC enabled malware along with an installation executable “creame.exe” which delivers multiple adware payloads including Zango and 180 solutions. Adware & Rootkits Continue to Move through Instant Messenger: 180 Solutions Involved Again - ReveNews - Wayne Porter, Sr. Director Greynet Research, Online Revenue News & Opinions Since 1998

Linked by shanmuga Sunday, 8th January 2006 9:40PM