Yeah this is the same old IRC talk again. In the past posts, we pointed out that while having a chat on IRC there are private messages which contains links pointing to a certain malicious file or a website hosting a malware. There are also instances that another IRC user sends you a malicious file through the DCC command. Up until now, there are still a couple of malwares using these old techniques in IRC to achieve their malicious intents. Tonight (GMT + 8 time), I received a couple of links to malwares via mIRC. Following are snapshots of the messages I received:

The files were all submitted to the Service Team and the detections are as follows:

• [blocked].cjb.cc/Sex.zip – TROJ_MULDROP.LF
  
• [blocked].cjb.cc/Movies.zip – TROJ_MULDROP.LG
  
• [blocked].cjb.cc/MalaySex/Sex.zip – WORM_IRCFLOOD.B
  
• www.[blocked].ne1.net – which has an iframe containing the following link:
  
  
  
  • www.[blocked].com/userfiles/199253/sex.melayu.terlampau.zip – WORM_IRCFLOOD.A

So, the question is why users still fall victims to these techniques? Hmmmm and those creators of these malwares are still using these techniques because there are still a lot of victims falling into their trap. Well I think there is a lack of security awareness on the part of the user. Users must be educated on security risks found in the internet.

As a reminder to users interacting with the internet, files received from unknown or known contacts should be handled accordingly. Have the file scanned by your anti-virus software especially if it is a binary (executable) file. Be wary of links sent to you and have the utmost care in clicking on them and if a file download occurs, it’s always safer to save the file in your local disk to be scanned by your anti-virus software after the download, rather than directly executing it. Apply the latest security patches offered by the software vendor to your machine and keep your anti-virus pattern files up-to-date. Note, be aware and educate yourself with the things around you and in the wild world of the internet. That is the best way you could protect yourself from threats coming from the internet.