Advertisement
Promo

Security threats Toolkit

MSN Messenger hit by double-whammy worm

Munir Kotadia ZDNet Australia

Published: 03 Feb 2005 09:50 GMT

  • Email
  • Trackback
  • Clip Link
  • Print friendly
  • Post Comment

The latest variant of the Bropia worm was discovered on Wednesday evening. It infects users of MSN Messenger by sending itself as a picture of a roast chicken with tan lines. It also releases a second more dangerous worm called agabot.ajc on the infected user's computer.

Adam Biviano, senior systems engineer at antivirus firm Trend Micro, said that although there have only been a handful of reported infections, Trend Micro has declared a medium risk alert because of the worm's potential to spread and steal users' bandwidth.

"The potential for damage is quite high because it drops another worm on your machine that is quite nasty and can spread through network by taking advantage of unpatched desktops and servers," said Biviano.

Biviano said this variant of Bropia can easily be avoided because it exploits vulnerabilities that could have been patched months ago and relies on users opening a file through MSN Messenger. He advises users to only open files received through MSN Messenger if they are expected -- even if they are from a contact.

"If you receive a file that you are not expecting, even if it is from someone in your contacts list, don't open it because it is very possible that the file is being sent unbeknown to that person.

"The second worm (agabot.ajc) does have the potential to perform a DDoS attack on certain services. For example it preys on the same vulnerabilities that were exploited by Slammer, Blaster (MSBlast) and Sasser.

"Usually if you are sending a file using instant messenger you say 'I'm sending you this picture, have a look at it', It is never random or out of the blue," said Biviano.

Biviano said this variant of Bropia is the first worm to use IM that has been given a higher alert status -- but probably not the last.

"Obviously the popularity of IM itself is starting to gain the attention of the virus writers and they are now using it as a tool," said Biviano.

Munir Kotadia reported from Sydney for ZDNet Australia. For more ZDNet Australia stories, click here.

  • Email
  • Trackback
  • Clip Link
  • Print friendlyPrint with EPSON

Did you find this article useful?
77 out of 199 people found this useful


In association with Network Liberation Movement

Talkback

Post a comment


Full Talkback thread

0 comments

Related Links

More In Security threats


Company/Topic Alerts

Create a new alert from the list below:






Related BlackBerry Resources

Protecting the BlackBerry Device Platform Against Malware

BlackBerry Devices with Bluetooth - Security Overview

BlackBerry Enterprise Server IT Policy

BlackBerry Enterprise Solution - Security Technical Overview

BlackBerry Enterprise Solution and RSA SecurID

CIO's Guide to Mobile Security

See All White Papers

Video icon

Video

Sentry Posts Blog

DNA details of innocent will be kept f...

The government has announced that it plans to keep innocent people's DNA details for up to six years. In response to a consultation it launched last December, the government said... More

5 comments

Motorola Droid Drops Today: Happy Droi...

Motorola Droid Drops Today: Happy Droid Day America! Author: Eric Everson, Mobile Security Expert If you’re wondering what all of the buzz is about with words like Droid and Android... More

Post a comment

Mobile Security Profile: BlackBerry St...

Mobile Security Profile: BlackBerry Storm2 Author: Eric Everson BlackBerry handsets are a staple of office culture; from syncing calendars to sharing business-related data,... More

Post a comment


Skip Sub Navigation Links to CNET Brand Links

Help

Become part of the ZDNet community.

ALL TOOLKITS

Blogs

Newsletters