W32.Evolym


Aliases: W32.Evolym, Trojan.Win32.VB.dxu, BehavesLikeWin32.FileInfector, Win32/Xema.worm.413696
Variants: N/A

Classification: Malware
Category: Computer Worm

Status: Active & Spreading
Spreading: Moderate
Geographical info: Asia, North and South America, and some parts of Europe and Australia
Removal: Easy
Platform: W32
Discovered: 06 Jun 2008
Damage: Medium

Characteristics: W32.Evolym is a worm that propagates through Windows instant messaging clients as well as through email hacking. The worm may steal private information from the compromised computer, and this information may end up on the black market. Confidential email messages and/or usernames and passwords can also be sold on the Internet. The worm uses different instant messaging platforms to send and drop a variant of itself.

More details about W32.Evolym

If it finds an instant messaging platform, the worm automatically executes itself on the computer. The email the worm sends is displayed like this, “Subject: Send to All_love.” The worm may also arrive as a link contained in an instant message. Users should therefore be wary of installing or turning on computer services that pop up on the screen, since these are critical avenues that viruses usually attack. The worm proliferates on all Windows operating system platforms, such as Windows 98, Windows 95, Windows XP, Windows Me, Windows Vista, Windows NT, Windows Server 2003 and Windows 2000. Posing another threat, the worm also has the ability to spread to network shares and gain full control over the compromised computer. Once installed on the computer, the worm replicates itself into the system directory.

It was speculated that W32.Evolym infects a machine through different methods, depending on its variant or on the malicious user who propagated it on the Web. Users reported that the common method of propagation for this worm is bundling with other freeware applications on the Web. There were claims that some variants are dropped by other malicious programs infecting a machine, usually Trojan downloaders and droppers. Expert users claimed that the code incorporated into the W32.Evolym worm is meant for machines running the Windows platform, specifically Windows 95, 98, Me, NT, 2000, and XP.