Russian social networking worm wipes hard drive files

Vkontakte is the most popular social-networking website in Russia with over 12 million users, and is said to be the most popular Russian website full stop in terms of visitors (yes, even beating their home grown search engines).


It’s sadly no surprise then to discover that the criminal underground have attempted to take advantage of the site – which bears an uncanny resemblance to Facebook – by spreading a worm.

The W32/VKon-A worm executes its payload at 10am on the 25th of any month, wiping all files on the user’s C: drive.  The guys in SophosLabs added specific detection for it yesterday, but Sophos products were already capable of detecting it proactively as Mal/Generic-A.

Sign up to our free newsletter.
Security news, advice, and tips.

More information about this threat, including a screen capture of the cartoon it displays when it runs, can be found on the blog run by our friends at Kaspersky Lab.

Of course, this isn’t the first time that a social networking website has been struck by a malware attack.  For instance, in December 2007, Google’s Orkut site was hit by an infection which used a cross-site scripting (XSS) attack to infect hundreds of thousands of members’ profiles.

If you’re responsible for securing your business against attacks, you might want to consider once again whether you should have a policy at your web gateway controlling which users can access which websites.

Graham Cluley is an award-winning keynote speaker who has given presentations around the world about cybersecurity, hackers, and online privacy. A veteran of the computer security industry since the early 1990s, he wrote the first ever version of Dr Solomon's Anti-Virus Toolkit for Windows, makes regular media appearances, and is the co-host of the popular "Smashing Security" podcast. Follow him on Twitter, Mastodon, Threads, Bluesky, or drop him an email.

What do you think? Leave a comment

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.