Meet Spybot’s new faithful sidekick, Kirvo. Kirvo is a Trojan which goes on advance recon for Spybot, spreading via instant messenger messages which appear to come from friends on the instant messenger user’s buddy list. If the message’s recipient clicks on a link contained in the message, the Kirvo trojan is installed on the user’s computer system, and then Kirvo fetches its friend, the dastardly worm Spybot.
According to Tim Hartman of Symantec, Kirvo takes advantage of the user “by enticing him or her to click the link and launch the Trojan. Once launched, it attempts to download a variant of Spybot, which is a true worm that takes advantage of several vulnerabilities. Kirvo appears to have been developed to assist SpyBot propagation and increase the army of Spybot zombies on the internet.”
The obvious way to avoid Kirvo and Spybot is to not click on links in instant messages, at least not before confirming that the message really came from your buddy, and that the link is legitimate.
Unfortunately, it always comes down to the user, and users are not always as savvy as we would like them to be. Indeed, in a survey which we conducted, the overwhelming majority of respondents have indicated that they think that the worst problem on the Internet is not spam, spyware, or worms, but “stupid users”.
The Internet Patrol is completely free, and reader-supported. Your tips via CashApp, Venmo, or Paypal are appreciated! Receipts will come from ISIPP.
Yu stupid yo