A worm spread through AOL’s Instant Messenger is disguising itself as a piece of Microsoft anti-piracy software, security experts have warned.
The W32/Cuebot-K worm aims to open up a backdoor in Windows that could allow hackers to take control of the machine, security firm Sophos warned.
Senior technology consultant Graham Cluley said: “It describes itself to Windows in the Services as the Windows Genuine Advantage Validation Notification, which is the name of a genuine Windows process used by Microsoft to detect pirated software.”
Sophos had only received a “handful of reports” of the worm so far, Cluley said. But he added: “It’s a useful reminder that things are not always what they seem on your computer. If you have Instant Messenger services, don’t think the email or message from your buddy is safe.”
Worm attacks on corporate instant messaging systems have been increasing sharply. Research released in February by instant messaging management firm Postini revealed that more than 2,400 new threats had appeared in 2005 – a number expected to double by next year.