ZDNet UK


Skip to Main Content

ZDNet.co.uk - Winner of Best Business Website 2007
  1. Home
  2. News
  3. Blogs
  4. Reviews
  5. Jobs
  6. Resources
  7. Community
  8. My ZDNet

 

ZDNet UK RSS Feeds


Security threats Toolkit

MSN Messenger hit by double-whammy worm

Munir Kotadia ZDNet Australia

Published: 03 Feb 2005 09:50 GMT

  • Email
  • Trackback
  • Clip Link
  • Print friendly
  • Post Comment

The latest variant of the Bropia worm was discovered on Wednesday evening. It infects users of MSN Messenger by sending itself as a picture of a roast chicken with tan lines. It also releases a second more dangerous worm called agabot.ajc on the infected user's computer.

Adam Biviano, senior systems engineer at antivirus firm Trend Micro, said that although there have only been a handful of reported infections, Trend Micro has declared a medium risk alert because of the worm's potential to spread and steal users' bandwidth.

"The potential for damage is quite high because it drops another worm on your machine that is quite nasty and can spread through network by taking advantage of unpatched desktops and servers," said Biviano.

Biviano said this variant of Bropia can easily be avoided because it exploits vulnerabilities that could have been patched months ago and relies on users opening a file through MSN Messenger. He advises users to only open files received through MSN Messenger if they are expected -- even if they are from a contact.

"If you receive a file that you are not expecting, even if it is from someone in your contacts list, don't open it because it is very possible that the file is being sent unbeknown to that person.

"The second worm (agabot.ajc) does have the potential to perform a DDoS attack on certain services. For example it preys on the same vulnerabilities that were exploited by Slammer, Blaster (MSBlast) and Sasser.

"Usually if you are sending a file using instant messenger you say 'I'm sending you this picture, have a look at it', It is never random or out of the blue," said Biviano.

Biviano said this variant of Bropia is the first worm to use IM that has been given a higher alert status -- but probably not the last.

"Obviously the popularity of IM itself is starting to gain the attention of the virus writers and they are now using it as a tool," said Biviano.

Munir Kotadia reported from Sydney for ZDNet Australia. For more ZDNet Australia stories, click here.

  • Email
  • Trackback
  • Clip Link
  • Print friendlyPrint with Konica

Did you find this article useful?
76 out of 198 people found this useful


In association with Intel

Talkback

Post a comment


Full Talkback thread

0 comments

Related Links

More In Security threats


Company/Topic Alerts

Create a new alert from the list below:






Related Jobs

Cisco Network Engineer

Embedded C Engineers x 2 - South West

*Senior Level Unix Engineer(Solaris,Linux,Shell/Perl coding)DEGREE*

Sentry Posts Blog

Virtual Teams: Small Business Innovati...

Virtual Teams: Small Business Innovation Author: Eric Everson, Founder – MyMobiSafe.com As the founder of MyMobiSafe.com, I’ve found that because of our presence in the industry... More

Post a comment

Mobile Security and Innovation: An Ope...

Mobile Security and Innovation: An Open Case Author: Eric Everson, Founder MyMobiSafe.com The times are changing in the mobile industry as “big wireless” in the US Markets are calling... More

Post a comment

Government launches new e-crime unit

Ok, so this is outside of my main area of focus of sustainable and green tech but I do track some security issues too. I was at a meeting last week with Microsoft's security advisor... More

Post a comment

Featured Oracle Resources

Human Resources Management eBook

Supply Chain Management eBook

Design and Innovation Report

Economist Intelligence Unit Report - Technology and growth at mid-sized companies

See All White Papers