The fake Windows Genuine Advantage Tool (wgavn.exe) has been named as W32.Cuebot-K worm by Sophos.
Cuebot-K propagates by sending itself as a file named “wgavn.exe” to more people in the user’s “Buddy List” but without a message, Cluley said.
I just viewed Sophos’ Threat analyses page – by name (letter C) but they don’t have the article for Cuebot-K yet (maybe later). At the time of this writing, they got articles for Cuebot-A to Cuebot-J only (at least, it has been detected now and let’s hope that all other security vendors that has malware detections for worms will be able to protect the users soon!)
@All instant messaging users,