Trend Micro Facebook TrendLabs Twitter Malware Blog RSS Feed You Tube - Trend Micro
Search our blog:

  • Mobile Vulnerabilities

  • Zero-Day Alerts

  • Recent Posts

  • Calendar

    August 2015
    S M T W T F S
    « Jul    
  • Email Subscription

  • About Us

    A worm is making use of MSN messenger to ring in the New Year — by spreading copies of itself, of course.

    It sends any of the following messages:

    • Hey, Can i put theese on facebook?
    • Hi, have u seen my New Year pics yet? if not, this you gotta see!
    • Hi, this you gotta see!
    • Hey, Some pics from New Year at my place :)
    • Hey, happy New Year, heres som pics from New Year! :)

    These messages are accompanied by a link that downloads which, when opened, drops the file happy2008.exe together with the ZIP file. Trend Micro detects both files as WORM_IRCBOT.EL.

    If installed successfully, the worm tries to repeat the process: it sends a link to the malicious .ZIP file to all contacts listed in the currently logged-on user’s MSN Messenger account. The worm may also allow a remote malicious user to execute commands on the affected system.

    Malware authors have long relied upon the human element as the “weakest link” in system protection. The popularity of MSN Messenger, and any other instant messaging application in circulation, makes it a highly appealing vector to spread their malicious wares. However, similar to spam email, most attacks in this avenue require the user to manually click a link.

    Use of IM clients may be impossible to avoid in today’s tech-ingrained culture. The best users can do is to either avoid clicking links received via IM, disable links from being clickable at all if their IM clients allow it, or to simply ask a follow-up question to the sender, like: “hey, is this file safe?” Chances are, it won’t answer if it’s malware doing the sending.

    True, good cheer spreads fast but unfortunately, so does malware, if one is really not careful.

    Share this article
    Get the latest on malware protection from TrendLabs
    Email this story to a friend   Technorati   NewsVine   MySpace   Google   Live   StumbleUpon


    © Copyright 2013 Trend Micro Inc. All rights reserved. Legal Notice