/* Style Definitions */
mso-padding-alt:0in 5.4pt 0in 5.4pt;
mso-fareast-font-family:”Times New Roman”;
mso-bidi-font-family:”Times New Roman”;
IM services have
become so popular, that almost every PC user around the world enjoyed their
services. Although a couple of IM worms have been detected long before 2005,
their count significantly increased during the year.
significant outbreak during 2005 took place in August, when the Win32.Worm.Zotob.A worm and some of its variants (Win32.Worm.Zotob.D) started infecting
US-based computers. The new worm exploited multiple security vulnerabilities in
the Windows 2000 operating system in order to spread across the network.
Although the damage was allegedly situated in the $97,000 space, American
mass-media outlets proclaimed it a large scale disaster. This is mostly due to
the fact that the worm infected
computers at companies such as ABC, CNN, The Associated Press, The New York
Times, and Caterpillar Inc.
October 13 brought
a new surprise in the form of the Samy
XSS worm (also known as JS.Spacehero). The new cross-site-scripting worm was especially tailored to spread
using the extremely popular MySpace social-networking site. The Samy worm also carried a payload that
would display the string “but most of all, Samy is my hero” on a
victim’s profile. According to a MySpace report, the XSS worm managed to infect
over one million users.
Samy‘s author has been
identified as Samy Kamkar. MySpace filled a lawsuit against him for felony.
Kamkar was sentenced to three years probation, 90 days community service and an
undisclosed amount of restitution.
A huge scandal was
about to begin on October 31, when Sony BMG was found to have willingly
infected music CDs with a rootkit in order to prevent illegal copying of music.
The company started protecting its audio CDs with a new technology, called the Extended Copy Protection (XCP). This
piece of software was automatically installed on the customers’ computers each
time the disk was inserted in the CD-ROM. Although Sony BMG had planted the
rootkit (Bitdefender identifies the rootkit as Win32.Sony-DRM-HiddenFile) with no intention to harm the user, the
community claimed that the XCP interfered with the normal way in which the Microsoft
Windows operating system played audio CDs and that it would open additional
security holes to be exploited by malware.
Sony BMG was
accused of having planted spyware on its customers’ machines. The company was
called to court as part of a class lawsuit. Moreover, Sony BMG had to recall
all the affected music CDs.