aussie messenger

Out of context: Reply #11

  • Started
  • Last post
  • 21 Responses
  • toe_knee0

    MSN Messenger hit by double-whammy worm
    By Munir Kotadia, ZDNet Australia

    A Bropia variant is using MSN Messenger to spread, and is packaged with a second more damaging worm

    The latest variant of the Bropia worm was discovered on Wednesday evening. It infects users of MSN Messenger by sending itself as a picture of a roast chicken with tan lines. It also releases a second more dangerous worm called agabot.ajc on the infected user's computer.

    Adam Biviano, senior systems engineer at antivirus firm Trend Micro, said that although there have only been a handful of reported infections, Trend Micro has declared a medium risk alert because of the worm's potential to spread and steal users' bandwidth.

    "The potential for damage is quite high because it drops another worm on your machine that is quite nasty and can spread through network by taking advantage of unpatched desktops and servers," said Biviano.

    Biviano said this variant of Bropia can easily be avoided because it exploits vulnerabilities that could have been patched months ago and relies on users opening a file through MSN Messenger. He advises users to only open files received through MSN Messenger if they are expected -- even if they are from a contact.

    "If you receive a file that you are not expecting, even if it is from someone in your contacts list, don't open it because it is very possible that the file is being sent unbeknown to that person.

    "The second worm (agabot.ajc) does have the potential to perform a DDoS attack on certain services. For example it preys on the same vulnerabilities that were exploited by Slammer, Blaster (MSBlast) and Sasser.

    "Usually if you are sending a file using instant messenger you say 'I'm sending you this picture, have a look at it', It is never random or out of the blue," said Biviano.

    Biviano said this variant of Bropia is the first worm to use IM that has been given a higher alert status -- but probably not the last.

    "Obviously the popularity of IM itself is starting to gain the attention of the virus writers and they are now using it as a tool," said Biviano.

    toe_knee 0Permalink
    UpvoteDownvote
    Flag
      Show [[ numHiddenNotes ]] more notesAdd Note
      SaveCancel

    View thread