A worm running through Microsoft's instant-message network is dropping spyware bots onto compromised Windows PCs using new multilanguage smarts, security vendors said Thursday.
A worm running through Microsoft's instant message (IM) network is dropping spyware bots onto compromised Windows PCs using new multi-language smarts, security vendors said Thursday.
Although the Kelvir.hi worm is not an extremely high-level risk -- Symantec, for example, lists it as a "2" in its 1 through 5 ranking -- it takes a unique tack to language, for it speaks in tongues.
Ten to be exact.
Kelvir.hi, which spreads via Microsoft's MSN IM network, checks for the system's default language, then periodically blasts out messages in that language to contacts hijacked from the victim's machine. If Dutch is the default language, for instance, the message reads "lol ik heb je foto gevonden;" if English, "haha i found your picture!"
The message may also contain a link to the worm; if the recipient clicks on the link, his machine's infected.
Kelvir.hi also drops a copy of Spybot onto the PC; this spyware-style bot hides in the background and listens for commands transmitted by the attacker. Those commands can tell the bot to scan for specific files, download or upload files, steal passwords, or even log all keystrokes.
Other languages detected and used by Kelvir.hi include French, German, Greek, Italian, Portuguese, Swedish, Spanish, and Turkish.
Most anti-virus vendors have already updated their definition files to detect and delete Kelvir.hi.
How Enterprises Are Attacking the IT Security EnterpriseTo learn more about what organizations are doing to tackle attacks and threats we surveyed a group of 300 IT and infosec professionals to find out what their biggest IT security challenges are and what they're doing to defend against today's threats. Download the report to see what they're saying.
Infographic: The State of DevOps in 2017Is DevOps helping organizations reduce costs and time-to-market for software releases? What's getting in the way of DevOps adoption? Find out in this InformationWeek and Interop ITX infographic on the state of DevOps in 2017.
IT Strategies to Conquer the CloudChances are your organization is adopting cloud computing in one way or another -- or in multiple ways. Understanding the skills you need and how cloud affects IT operations and networking will help you adapt.