AIM Worm Installs Rootkit

Get the WebProNews Newsletter:

[ Business]

FaceTime Security Labs reported that a variant of the Sdbot worm has been making the rounds on AIM via chats and instant messaging.

You’ve got rootkit, and spyware, and a host of problems if your antivirus software isn’t up to date. A worm circulating through the AIM network can be a serious problem for PCs, FaceTime said in a release.

A machine victimized by the worm will experience a whole bunch of problems:

 • Adds a lockx.exe rootkit that connects to an IRC server, awaiting remote commands from an attacker.
 • Rootkits may be used by an intruder after cracking a computer system and often hides logins, processes, files, and logs. It may include software to intercept data from terminals, network connections, and the keyboard
 • Acts as a vector for additional adware, worms and viruses
 • Changes a viewer’s original search page to http://www.eza1netsearch.com/sp2.php
 • Often increases the CPU usage to 100 percent after the malware is installed
 • Downloads other applications, including 180Solutions, Zango, the Freepod Toolbar, MaxSearch, Media Gateway, and SearchMiracle

AIM PC users should verify with their antivirus companies that their virus signatures and scanning engines have been updated, as always.

David Utter is a staff writer for WebProNews covering technology and business. Email him here.

AIM Worm Installs Rootkit
Comments Off
Top Rated White Papers and Resources

Comments are closed.

  • Join for Access to Our Exclusive Web Tools
  • Sidebar Top
  • Sidebar Middle
  • Sign Up For The Free Newsletter
  • Sidebar Bottom