Palevo/Yimfoca malware spreading 'aggressively' via IM

Stephen Withers
Tuesday, 04 May 2010 17:26

Business IT - Security

Call it Palevo, call it Yimfoca, a worm is being spread through instant messaging programs and other vectors.

BitDefender is warning of "an aggressive worm" spreading among Windows based computers via Yahoo and Microsoft instant messaging programs as well as network shares and removable drives.

The company is referring to the worm as Palevo, a name previously used by Symantec for a worm in July 2009. The current worm has been dubbed Yimfoca by Symantec.

Instant messaging users are warned against opening links in incoming messages without checking that they were intentionally sent.

An example provided by BitDefender shows a link to what purports to be a photo but is actually an executable program that installs the Palevo/Yimfoca worm. If the recipient attempts to open the 'photo' - Boom! Pwned!

Apart from spreading itself, the worm provides backdoor access to infected systems, steals login credentials from Firefox and Internet Explorer, and infects various peer-to-peer applications including eMule and LimeWire.

What's the easiest way of avoiding this piece of malware? Please read on.