Fresh ICQ Worm Contaminates Innumerable End-Users

According to Softpedia which published news on August 17, 2010, a new PC virus is presently proliferating and contaminating people's computers that are running the 'Instant Messaging Program,' ICQ.

States Kaspersky Lab that this worm is registered in its AV databases as IM-Worm.Win32.QiMiral.ax, which reportedly is responsible for triggering the endemic on ICQ.

The virus, which propagates via the IM (Instant Messaging) service, when run, steals the password of the user thus enabling it to compromise the victim's IM application. Subsequently, it distributes its own copies to each of the addresses on that user's friends list.

In the meantime, the malware attack began on August 16, 2010 and since then has been spreading in the form of a message that supposedly arrives from a pal. Thereafter, a request follows for a file transfer of the size 916.5 KB which is actually an executable named snatch.exe.

The fake messages come differently worded, like "hello!" "No, look," "look" "well, a mini game-type" to name some of the instances. Moreover, it appears that the origin of the attack is Russia that's least surprising as ICQ is an extremely popular IM program there.

Said research head of mobile attacks Denis Maslennikov at Kaspersky Lab, in case a user downloaded and executed the snatch.exe file, the worm would continuously reproduce itself within the same environment.

And while the malware doesn't result in any direct damage to the victim's PC, there is a key danger in that he receives the malevolent executable from someone known to be reliable like a person from the user's own index of contacts. Indeed, the worm works as a representative of the infected end-user.

Thus to stop this as well as similar other viruses from infecting people's systems, users are suggested that they mustn't trust an .exe document that comes via e-mail, irrespective of whether or not its sender is anyone from the user's address book. And in case infection takes place, the user must go to Windows Task Manager and erase the process associated with snatch.exe followed with removing the worm as well as resetting the password for his ICQ account.

Related article: Fark.com Files Suit against Suspected Hacker from Fox13

» SPAMfighter News - 8/23/2010