01:48 PM
Connect Directly

New IM Worm Talks In Tongues

A worm running through Microsoft's instant-message network is dropping spyware bots onto compromised Windows PCs using new multilanguage smarts, security vendors said Thursday.

A worm running through Microsoft's instant message (IM) network is dropping spyware bots onto compromised Windows PCs using new multi-language smarts, security vendors said Thursday.

Although the Kelvir.hi worm is not an extremely high-level risk -- Symantec, for example, lists it as a "2" in its 1 through 5 ranking -- it takes a unique tack to language, for it speaks in tongues.

Ten to be exact.

Kelvir.hi, which spreads via Microsoft's MSN IM network, checks for the system's default language, then periodically blasts out messages in that language to contacts hijacked from the victim's machine. If Dutch is the default language, for instance, the message reads "lol ik heb je foto gevonden;" if English, "haha i found your picture!"

The message may also contain a link to the worm; if the recipient clicks on the link, his machine's infected.

Kelvir.hi also drops a copy of Spybot onto the PC; this spyware-style bot hides in the background and listens for commands transmitted by the attacker. Those commands can tell the bot to scan for specific files, download or upload files, steal passwords, or even log all keystrokes.

Other languages detected and used by Kelvir.hi include French, German, Greek, Italian, Portuguese, Swedish, Spanish, and Turkish.

Most anti-virus vendors have already updated their definition files to detect and delete Kelvir.hi.

Comment  | 
Print  | 
More Insights
IT's Reputation: What the Data Says
IT's Reputation: What the Data Says
InformationWeek's IT Perception Survey seeks to quantify how IT thinks it's doing versus how the business really views IT's performance in delivering services - and, more important, powering innovation. Our results suggest IT leaders should worry less about whether they're getting enough resources and more about the relationships they have with business unit peers.
Register for InformationWeek Newsletters
White Papers
Current Issue
InformationWeek Must Reads Oct. 21, 2014
InformationWeek's new Must Reads is a compendium of our best recent coverage of digital strategy. Learn why you should learn to embrace DevOps, how to avoid roadblocks for digital projects, what the five steps to API management are, and more.
Twitter Feed
InformationWeek Radio
Archived InformationWeek Radio
A roundup of the top stories and trends on
Sponsored Live Streaming Video
Everything You've Been Told About Mobility Is Wrong
Attend this video symposium with Sean Wisdom, Global Director of Mobility Solutions, and learn about how you can harness powerful new products to mobilize your business potential.