PC users are being spoiled rotten this year: another piece of malware purporting to be a message from Santa is delivering surprise gifts over the internet disguised in an electronic greetings card.

The Trojan horse "MerryX.A" is delivered in an email which encourages the recipient to open an attached "animation". While the animation of Santa Claus delivering presents plays, a piece of malware hiding behind the name "SQLServer.exe" is installed on PCs running Windows, according to security staff at Panda Software's PandaLabs.

The software transmits information about the infected computer to a remote server, and then attempts to download files, which could include other malware, Panda says.

Earlier this week, security researchers identified an instant-messaging (IM) worm, IM.GiftCom.All. Once it has infected a computer, the worm searches the contact databases of installed IM applications, and sends messages to the contacts it finds, encouraging them to visit a web site. If the recipients click on the link, the web site attempts to download another piece of malware to infect their PCs, which in turn spread the message further.

The end-of-year holidays provide plenty of opportunities for malware writers to hone their social-engineering skills, as internet users are unsurprised to receive brief messages with a seasonal theme from long-lost friends or distant business contacts.

This is cache, read story here