Reuters IM shut down by worm

For those of you that think instant messaging attacks are no big deal, catch this…

Yesterday, a new strain of W32/Kelvir worm worked its way into the Reuters news agency’s secure enterprise IM platform, forcing it offline. It could not have come at a worse time for Reuters.

While you use your IM to chat with your pals about what time to go out for coffee, others rely on it as a key channel in their business information flow. I am not talking about plain old news in Reuters’ case, but instead financial markets information.

Securities dealers and financial information providers rely heavily on IM platforms to communicate. And with the markets taking a pummeling yesterday, it could not have come at a worse time for Reuters. They were essentially out of “the loop” for a good part of the trading day.

You can catch the whole report in was back online Friday, just in time to wind up a fantastic week on Wall Street.


Michael, I’m more worried about the state of Reuters’ IT security than I am about IM worms in general. To infect yourself with Kelvir, you have to click a link that arrives via IM, and then download and execute a file. This is a “social engineering” attack that relies on gullible people and outdated (or non-existent) anti-virus software — just like all those email-borne worms out there. More info on Kelvir here:

Leave a Reply

This site uses Akismet to reduce spam. Learn how your comment data is processed.