Reuters Group was able to bring its instant messaging (IM) system back online early on Friday morning, after an outbreak of the Kelvir worm led the company to shut down the system for most of Thursday.
The London-based news and information provider detected the external worm on its network coming though a customer Internet portal mid-morning on Thursday and took the system down as a precaution, according to Reuters spokesman Johnny Weir. After insuring there were proper filters in place, the IM system was made operational again at 7 a.m. local time Friday, he said.
The Kelvir worm is designed to use Microsoft's IM software as a means for disseminating malicious code. The variant that hit Reuters, W32/Kelvir-Re, was not unique to their IM system, called Reuters Messaging, Weir said.
No incidents of users being infected by the attack have been reported and Reuters' other services continued operating as normal, Weir said.
Reuters has its own IM application for the financial services industry which it developed to be interoperable with Microsoft's MSN Messenger. Reuters' IM system also works with AIM software from America Online (AOL). According to Weir, the problem only affected users on the Reuters system.
The Kelvir worm spreads by sending messages through the IM system to all of an infected user's contacts, encouraging the recipients to visit a Web page to download a file. New versions of both the Kelvir and Bropia worms have been actively attacking systems this year, especially within corporations, according to antivirus software company Sophos.
Reuters has increasingly been connecting customers to its IM system and there are currently more than 60,000 active users, according to Weir.