Saint_Michael
May 25 2007, 06:15 PM
Well if you all remember a few months back I made a topic about the skype worm here, well it seems to have busted out two clones one for ICQ and for MSN. the new variation showed up sometime at the beginning of the week for these two networks and if memory serves me correctly and it usually does, these two messenger networks are huge. Now in order for this worm to be activated a user must click on a link and once they do that the worm will start sending messages to your contact list and get others to click on that link as well. Although security experts rate this as a low risk worm, over the course of the year they have seen hundreds of variations to the worm and having a hard time keeping up with it. But what is really interesting is that network jumping worms have happen before but as this quote mentions about the surprise he saw in doing so. QUOTE
Instant message worms have spread from network-to-network in the past, but this is the first time Boyd has seen a worm jump from Skype to another network.
"It's an odd system to make, because these guys have a foot in the door [in the Skype network]," he said. "You think they'd focus all their energies onto exploiting Skype."
So if you see a funky message on either MSN or ICQ with a link don't click it and you will be fine. SOURCE HERE
Reply
truefusion
May 26 2007, 12:37 AM
You know, these "worms" i find interesting. How do they manage to execute themselves just by clicking a link? Where are they stored at, from where do they operate from? Is it limited to the IM client; does it integrate itself with it? Does it IM people from a remote or local source? Does it aquire ones password during execution? Some of these questions could have been answered in the articles provided; however, my laziness precedes me, therefore causing ignorance.  I remember clicking on those links in IM messages, "This person looks just like you! Click here!" and didn't get infected—of course, i wasn't silly enough to execute the program that came with it. 
Reply
Galahad
May 31 2007, 04:11 PM
Great questions truefusion... I'm also too lazy, and didn't bother reading those articles... I use both Skype, MSN, ICQ, Yahoo, Odigo, and most fo the other messengers... And I have never even seen any of those worms... I never received a strange looking message on MSN, while they are most numerous on Yahoo, from unknown sources, usualy marketing some porn sites, and other, but I have never clicked a link that came with the message... On ICQ, I get mostly authorisation requests, from strange people, asking to add me to their list, which I ofcourse decline, and immediately add them to my ignore list... As I'm a software developer, I think I know a bit about computers and how they work... Usualy, most of the articles have a lot of missinformation in them... One can't be infected by something, just by clicking on the link... You can click on the link, and download a program, a script or something, and THEN get infected... And if the IM client has some sort of voulnerability that you can create some sort of a link with embeded script or something, then it's a major flaw in the system... So people, don't be afraid to click on some link you receive from your friends, just be carefull what you download from the net, even if it appears to come from a trusted firend... If you receive a link that looks like http://ah653hda.com/ or anything like that, I would recommend NOT clicking on it... If you don't have that person on your contact list, also, block it, or add it to the ignore list... Also, when someone sends you a file, stating "Hey, this is my new picture, do you like me?" or anything like it, and that person is not on your list... Block it, it's most likely some sort of a virus, masked as a picture... I have seen a tons of programs, that have a ACDSee JPEG icon as it's own, and a double extension like image001.jpg.exe... You would see it as image001.jpg, with ACDSee's icon, and figure "Hey, it's an image, what could happen?"... But you would actualy be starting a (most likely) malicious program... Luckily, most of new abti-virus and anti-spyware programs, have implemented checks for double extension of files... While on the net... Just... Use your brain... Just a little 
Reply
FLaKes
May 31 2007, 07:12 PM
I have seen these worms in msn many times. Whenever you get a funky message just dont click on it and everything is fine, usually when a friend sends me a link he usually tells me what it is about, and when it just appears and is a really wierd message that I know he wouldnt send me. That is how I find out if the message was really written by my friend or not
Reply
Similar Topics
Keywords : skype, worm, jumps, icq, msn
- Skype & P2p Users - Beware About These Following Worms
(2)
New Virus Called Storm Worm Or W32/nuwar@mm Is Out And About
WINZIP/Rar be WARNED (4) To think the Microsoft ANI exploit and the botnet things were bad but this just top the charts, this
new variation of the Storm virus of last year gets a new powerful punch. The virus gets sent
through a password protected zip fil in which the password is contain in a image file in the email.
The email subject contains either Worm Alert!" or "Trojan Detected! so do not open and just
delete it. Also the image file will read something like UrgentNotice.gif" or "AbuseReport.gif. and
the zip file will read something like "patch-####.zip" or "removal-####.zip.". ....
Myspace.com Flash Hack
account hijacked worm and solution (13) Well buffaloHELP just mention and I have confirmed it by many articles myspace accounts have been
hacked or in hte sense that if your account was hijacked then anyone viewing your profile will also
get infected as well. In a article by chaseandsam.com go into detail on how this happen and a
solution to it as well Click here for more ---WARNING--- Also this hack is also a virus in
which a person who is viewing your hacked profile will get their profile hijacked as well. Also
Symantec mentions about it as well Nortan How it was done ---SOLUTION--- ....
Worm Disguises As Windows Genuine Advantage
be careful of the wgavn service ... (5) QUOTE IT security experts have warned of a worm that purports to be Microsoft's Windows
Genuine Advantage (WGA) anti-piracy tool. WGA has recently been branded as 'spyware' in
that it collects unnecessary hardware and software data from users' PCs. The Cuebot-K worm
spreads via AOL Instant Messenger, registering itself as a new system driver service called
'wgavn'. It carries the display name 'Windows Genuine Advantage Validation
Notification', and runs automatically during system startup. Once in place the worm disables
the Wi....
Worm: W32.areses.h@mm
(3) QUOTE W32.Areses.H@mm is a mass-mailing worm that opens a back door on the compromised computer
and may download files. When W32.Areses.H@mm is executed, it performs the following actions:
Copies itself as the following file: %Windir%\csrss.exe Note: %Windir% is a variable that
refers to the Windows installation folder. By default, this is C:\Windows or C:\Winnt.
Adds the value: "Debugger" = " " to the registry subkey:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File
Execution Options\e....
Skype Hole?
(8) When I started Skype today it said that I should install a new version because the old one has
security problems. Does anyone know anything about this? Maybe I am a bit paranoid but still I would
not like to see me computer hacked.....
Alcra D Worm
PLEASE HELP (10) I have the Alcra D worm which starts up limewire and disables regedit and other things. If anyone
knows how to get rid of this tell me. PLEASE. I have adaware, but it never seems to find it. I cant
use ctrl alt delete and limewire slows my computer down because it opens non stop. SO PLEASE HELP. I
have tried other things, but they never seem to work. I found a program for the type B worm, but it
dosnt work for D i tried. Any info on this post back. If you use limewire and it keeps opening this
is what you have by the way. And i love how limwire's FAQ says you have a ....
Nyxem E - Be Safe From This Virus/worm
Latest Mass Mailing Worm (14) QUOTE Windows users are being urged to scan their computers before 3rd February 2006 to avoid
falling victim to a destructive Worm. On that date the Nyxem E Worm is set to delete Word,
Powerpoint, Excel and Acrobat files on infected machines! Don't get caught out... See
complete article at http://www.updatexp.com/nyxem-e.html Better get your anti-virus updated by
3rd Febuary before seeing your files go missing. It's kindda scary worm if not handled properly.
The date is near so get updated fast. Edited topic title. ....
Microsoft Plugs Windows Worm Holes
14 flaws in Windows... (3) http://news.zdnet.com/2100-1009_22-5893344.html?tag=nl.e589 Here is another proof that the words
'Windows' and 'Security' simply cannot go together... And yet another good reason
for installing and start using Linux... Cheers! KoYoda....
New Worm
zotob (1) QUOTE The worm is a packed PE executable file 22528 bytes long. Installation to system When
run, the worm copies under %SYSTEM% directory using the name 'botzor.exe' and creates a
named mutex 'B-O-T-Z-O-R' for making sure that only one copy of the worm is run at the same
time. Then it adds the following registry entries to ensure that it is started when a user logs on
or the system is restarted: "WINDOWS SYSTEM" = "botzor.exe" The worm also adds the
following registry key for diasabling shared access service: "Start" = "4" Spr....
New Worm!
Please note! New Worm here! (9) OK! Mircosoft has just discovered a new worm. I repeat! NEW WORM! The new worm is called
"Zotob". It's a worm that can takes weeks, months, to get embeded into your system and take
over. It digs so deep that it's very difficult to erase. So PLEASE! Listen carefully!
Zotob -- The worm targets Windows 2000 Computers and once it's embeded, it'll try sending
itself to other computers! The worm IS *NOT* caught by emails, websites, anything. It's a
worm that opens itself, so you have to be really carefull now. What it does: Is si....
New Worm, M$ Users, Be Warned!
WORM_ZOTOB.D and WORM_RBOT.CBQ (11) New Virus is emerging. Microsoft users, be alerted!. This is one of the reason why i dont really
like M$ stuff, but still, i need it really much despite of its problems QUOTE Dear Trend
Micro customer, As of August 16, 2005 5:12 PM (Pacific Daylight Time; GMT-7:00), TrendLabs has
declared a Medium Risk Virus Alert to control the spread of WORM_ZOTOB.D and WORM_RBOT.CBQ.
TrendLabs has received several infection reports indicating that this malware is spreading in
Brazil and the U.S.A. WORM_ZOTOB.D is a memory-resident worm that drops a copy of itself in ....
New Virus Kills Music Files
Nopir.B worm wipes out all mp3 and com files (19) http://english.chosun.com/w21data/html/new...0504250004.html Not only does it not differentiate
between legal and illegal mp3 files, it also doesn't let you reboot your computer. So far,
it's been circulating only in Europe, but those in the US and Asia had better take caution as
well. It's only a matter of time.......
Looking for skype, worm, jumps, icq, msn
|
|
Searching Video's for skype, worm, jumps, icq, msn
|
advertisement
|
|
