The worm arrives in an instant message that contains text telling the recipient to go to one of several Web sites. Clicking on the URL link in the message opens a Web page with malicious JavaScript code that sends instant messages advertising the Web page, or other Web pages with the code, to all the MSN Messenger users on the user's contacts list, Symantec and F-Secure say in advisories.
Dubbed "JS. Worm" by Symantec and "Coolnow" by F-Secure, the worm sends instant messages, but does no damage to a user's system, the antivirus software vendors said. F-Secure is trying to shut down the sites hosting the malicious code before it becomes very widespread, the company said.
An example of how to stage such an attack was published last weekend by two European experts.
The note contains a link back to the Web page containing the code, with a message like "Hey go to link plz" or "Go to link NoW!!!" Some of the pages containing the code were taken down quickly, according to virus companies. The worm appears to have spread at high speed, due to the instantaneous nature of Internet-based instant messaging, but does not appear to have infected large numbers of users. Sophos, a UK-based antivirus company, said none of its customers had reported being hit by the virus.
However, experts say that instant messaging--which is now closely integrated with Internet Explorer--and worms could turn out to be an explosive combination because of the speed with which instant messages can spread, much more quickly than an e-mail message. JavaScript code is not as damaging as, say, the Visual Basic script distributed by many notorious e-mail worms. It is "sandboxed", meaning that the types of actions the scripts can carry out are strictly limited; for example, scripts can't carry out certain system-level actions unless they come from a vendor that is trusted and approved by the user.
But coupled with other exploits, JavaScript could be used to wreak havoc on a PC, experts warn. The JavaScript code used to create the worm may have come from a demonstration designed to warn of the dangers of the Internet Explorer bug as early as December, according to Sophos.
It happens to the best of us, and the worst of us. The more interesting thing is how some unscrupulous web site got you to cough up your personal information in the form of your contacts list. They even got you to authorize a mass message sent to everyone on your list pimping their bile while looking like it came from you.
A trick that worked so well that when you got one you didn't hesitate to click it because it came from, as you said, a trusted friend. It wasn't a clever piece of code that hacked your account. Instead, it was some brilliant social engineering.
Playing on your, and everyone else's that they duped, ego. I will willingly release control of my account, just give me the goods. This reminds me of something similar a few years back. There was an e-mail going around that had words to the effect that "somebody you know has a secret crush on you; enter the e-mail address of who you think it might be to see if you are right."
Scott sent me another URL, and it's been blocked as well. If anyone has different URLs, please email me directly and I will pass them along to the Messenger team. Ouch, that hurts. It sounds like you don't have antiphishing built into your internet security program. Or are you using an internet security program, and which one if you don't mind my asking?
I just posted an article about internet security because Norton did not pick up MalwareAlarm on both my home computers and neither did McAfee on my work computer.
I did a controlled test with Panda's Internet Security suite (tried to install it to see which security programs would catch it), and it was the only one that truly caught it. It has antiphishing and web site content filtering built in as well - which sounds like something you might want to take a look at ;-) Here's the article if you don't mind my posting a link: Norton and McAfee Failed to Protect My System from Malware and Viruses.
Rick Palmer. Interestingly, this morning, neither IE nor Firefox's Phishing filter picked it up. The only question I have is: Did they let you use a strong password?
Joe Brinkman. July 06,