Kidala details

  • Description

    Kidala is a rapidly spreading Internet worm that propagates through instant messages, file sharing networks, e-mail messages with malicious attachments, weakly protected network shares, and known system and software vulnerabilities. Once executed, the parasite secretly installs itself on the system and runs a spreading routine.

    Kidala sends copies of itself to contacts in the Windows Address Book. It also generates e-mail addresses. The worm searches for open instant messages and sends replies containing malicious links. It uses the LimeWire, eDonkey2000, Warez P2P, eDonkey, Kazaa, iMesh and Morpheus programs to share infected files with meaningful names among users of popular peer-to-peer applications. Furthermore, the worm spreads through weakly protected network shares by picking common user names and passwords.

    The parasite's payload consists of several harmful functions. Kidala opens a back door that gives the attacker unauthorized remote access to the compromised computer. It allows the intruder to download arbitrary files, perform denial of service (DoS) attacks, and uninstall or update the worm. Kidala also terminates running antivirus programs, firewalls and other security-related programs. The worm runs on every Windows startup.