14 DAY TRIAL // The famous instant messaging service attacked at the end of this week by the worm Kelvir belongs to Reuters and was back on line during Friday.
The press agency from London tracked the worm into their own networks, the entrance being a portal for clients which was discovered Thursday. Reuters's spokesman, Johnny Weir said the solution chosen by the administrators was to shut down the communication system. After installing the required filters, the IM service were back on line Friday.
The Kelvir worm was designed to use Microsoft's MSN Messenger as a spreading tool for the dangerous code. Reuters services were infected by the W32/Kelvir-Re version which attacked more than just Reuters Messaging. However, its users were "unharmed" by this quasi-meeting with the Kelvir worm, and the other Reuters services continued to function within normal parameters.
Kelvir started to be noticed at the beginning of the year, when it started to circle the main networks. The antivirus producing companies already offer solutions for the removal of the worm.
Kelvir spreads through instant messaging services to all the contacts saved in a user's list. The text from the message invites the user to access a web page and download a file. Kelvir also spreads through email, its purpose being to trick the receiver into accessing the web page.