Download our in-depth report: The Ultimate Guide to IT Security VendorsA variant of a worm that exploits vulnerabilities in Microsoft's instant messaging client caused the media company Reuters to shut down its private messaging service Thursday.
According to reports from Reuters itself and IM management company IMlogic, a variant of the Kelvir worm, Kelvir-RE, had been using the Reuters IM service to distribute instant messages with a malicious payload.
IMlogic issued a statement Thursday reporting that the worm sends a simple message with the linked text ''Is it you?'' When users click the link, the worm sent messages via Reuters to all the infected user's contacts, and shut down some security services on the infected user's computer. The worm sends the messages via both IM and e-mail.
In a report published by Reuters' news service, Reuters spokesman Steve Naru said, ''In order to protect users and to prevent Reuters from being used to propagate this worm, Reuters has temporarily suspended Reuters Messaging services.''https://o1.qnsr.com/log/p.gif?;n=203;c=204650394;s=9477;x=7936;f=201801171506010;u=j;z=TIMESTAMP;a=20392931;e=i The Reuters Messaging network, built around MSN, includes 60,000 users. Though the network is closed, IMlogic CEO Francis deSouza speculated that the worm may have entered by infecting a user via e-mail first.
Reuters had provided no timetable for the restoration of service.