Microsoft says it has removed Poison Ivy from more than 16,000 machines since adding it to the coverage of its Malicious Software Removal Tool in early October. The tool is openly distributed through a public Web site and it s also available for sale on underground forums in modified versions that are more difficult to detect. Poison Ivy is a server that sits on an infected machine and waits for commands from the client controlled by a remote attacker. It has a slew of capabilities, and gives even a semi-skilled attacker plenty of options once it’s installed.
Source: https://threatpost.com/poison-ivy-rat-still-giving-users-rash-110311/75841/