Kidala_b details

  • Description

    Kidala.b is a rapidly spreading Internet worm that propagates through instant messages and IRC chats, via file sharing networks, by e-mail (sending out messages with malicious attachments), through weakly protected network shares, and by exploiting known system and software vulnerabilities. Once executed, the parasite secretly installs itself on the system and runs a spreading routine.

    Kidala.b sends copies of itself to contacts in the Windows Address Book and to addresses gathered from certain files. It also generates some e-mail addresses. The worm searches for open instant messages and sends replies containing malicious links. It uses the LimeWire, Warez P2P, eDonkey, Kazaa, iMesh and Morpheus programs to share infected files, which have meaningful names, with users of popular peer-to-peer applications. Furthermore, the worm spreads via IRC chats and through weakly protected network shares by trying common user names and passwords.

    The parasite's payload consists of several harmful functions. Kidala.b opens a back door that gives the attacker unauthorized remote access to the compromised computer. It allows the intruder to download arbitrary files, perform denial of service (DoS) attacks, and uninstall or update the worm. Kidala.b also terminates running antivirus programs, firewalls and other security-related programs. The worm runs on every Windows startup.