This is a first. There's a new worm out there that is spreading via ICQ. It directs you to a link, where one of the IE and Windows exploits is used to drop a worm onto your system which then does some of the following things:
1) Collects financial data specific to a few sites (ie Wells Fargo, ETRADE, AMEX, VeriSign, among others).
2) Installs a key logger to log keystrokes made when connected via HTTPS (which is what a lot of financial sites use when you view your account info).
3) Sends the link out to everyone on your ICQ list.
It sends the info collected in steps 1 and 2 to a server somewhere.
Scary stuff for sure. Here's the link to some techweb info.
http://www.techweb.com/wire/story/TWB20040224S0006
And Kaspersky labs info:
http://www.viruslist.com/eng/viruslist.html?id=1029528
The worm is called Bizex.
EDIT: AOL has said they have blocked the worm from spreading through their ICQ servers. Take that for what it's worth. But heres info on it:
http://www.eweek.com/article2/0,4149,1539086,00.asp
1) Collects financial data specific to a few sites (ie Wells Fargo, ETRADE, AMEX, VeriSign, among others).
2) Installs a key logger to log keystrokes made when connected via HTTPS (which is what a lot of financial sites use when you view your account info).
3) Sends the link out to everyone on your ICQ list.
It sends the info collected in steps 1 and 2 to a server somewhere.
Scary stuff for sure. Here's the link to some techweb info.
http://www.techweb.com/wire/story/TWB20040224S0006
And Kaspersky labs info:
http://www.viruslist.com/eng/viruslist.html?id=1029528
The worm is called Bizex.
EDIT: AOL has said they have blocked the worm from spreading through their ICQ servers. Take that for what it's worth. But heres info on it:
http://www.eweek.com/article2/0,4149,1539086,00.asp
Facebook
Twitter