We use cookies to provide you with a better experience. If you continue to use this site, we'll assume you're happy with this. Alternatively, click here to find out how to manage these cookies

hide cookie message
80,259 News Articles

Santa Claus worm strikes IM services

Definitely not a friendly visitor

The Santa Claus worm doesn't care whether you've been naughty or nice, but it's making a list of PCs to infect this holiday season, according to a threat alert released by security firm IMlogic yesterday.

A new instant-messaging worm called IM.GiftCom.All is making the rounds this holiday season. Rated as a "medium" threat by IMlogic, the worm attempts to get users of the instant-messaging networks run by AOL, Yahoo and Microsoft to visit a seemingly festive website featuring Santa Claus.

The message comes from someone already present on a user's "buddy list," said Art Gilliland, vice president of products for IMlogic. It contains a supposed link to a URL starting with "santaclause.aol.com/....."

However, clicking on that link takes users to a different website and triggers the download of a malicious file to a user's PC, Gilliland said. That file is created using rootkit techniques, making it extremely difficult to detect with conventional antivirus or operating system tools, he said. Once resident on a system, the file tries to shut down antivirus software and collects personal information that can be redistributed over the internet.

IMlogic has not recorded an instance where that personal information was actually sent out to the internet, but the program does log information, Gilliland said.

Users are advised to avoid clicking on anything sent through an instant-messaging system unless they have verified that the file or picture is legitimate and the sender intended to pass it along, Gilliland said. IMlogic recently identified an instant-messaging bot that produces canned assurances that a file is legitimate when the recipient replies to check its authenticity, so it's important to take extra care to verify the sender's intentions, he said.


IDG UK Sites

Where to buy iPhone 6 and iPhone 6 Plus in the UK: Launch day price, deals and contracts

IDG UK Sites

Is Apple losing confidence in itself?

IDG UK Sites

Professional photo and video techniques for perfect colours

IDG UK Sites

How (and where) to buy an iPhone 6 or iPhone 6 Plus in the UK. Plus: What to do if you pre-ordered...