[ news_security_news ]
IM Worm Slithered From Middle East
John Stith
Staff Writer
2005-11-21
 Security News RSS Feed
FaceTime Communications said a group in the Middle East controlled an instant messenger rootkit worm tied to the WorldWide Bot Network. They announced the worm on Thursday and said the worm provides a backdoor into people's computer system.
"We have delivered detailed research information to the U.S. federal authorities and are fully cooperating with their efforts," said Kailash Ambwani, president and CEO of FaceTime Communications. "This army of ‘bots could be used for any number of malicious purposes including a denial of service (DoS) attack against targeted Web sites."
FaceTime researchers confirmed that a group in the Middle East is further compromising computers infected with the lockx.exe rootkit file. The attackers have compromised multiple servers hosted by ISPs worldwide to distribute the malware payload.
The additional malware includes a "ster.exe" file that contains six additional files to provide the attacker with the capability to upload, download, and monitor the infected host PC. It has also been found that the malware has the potential to steal Microsoft Outlook Express email passwords and log keystrokes. The infected computers can also be used as a platform for launching attacks on Web sites or networks.
All users who have been infected by the ‘lockx.exe" rootkit or its variants are at most risk. Users of other messaging applications may also be affected by the ster.exe payload as it can be distributed by the lockx.exe infected PCs. All PC users can initiate a free online scan which can detect and disable the lockx.exe file by visiting.
About the Author:
John is a staff writer for SecurityProNews covering cyber security.
More news_security_news Articles
Security News RSS Feed
|
|
