New Worm Spreads Via MSN Messenger
vxone writes "Anti-virus experts are watching a new worm that spreads through Microsoft Corp.'s MSN Messenger client. The worm is not harmful to infected machines and has infected only a few PCs at this point, according to an analysis by Trend Micro Inc. Known as Jitux, the worm is self-propagating and contains a link to a Web site that automatically downloads an executable file named 'jituxramon.exe' to the PC. Once the file runs, the worm begins sending out copies of itself to all of the names in the user's Messenger contact list."
Uhhh, shut down the website that the "worm" is sending a link to?
This thing is not a worm, no matter how much you want it to be one.
In Soviet America the banks rob you!
A friend of mine, who knows a bit about this kind of thing (no, he isn't) suggested that this is the kind of thing someone would do if they wanted to cause a lot of damage, but not get caught. The harmless version will be widely propagated, and then it's only a matter of time before some script kiddie loads up a far more harmful payload. This will probably be the person that takes the rap for the whole thing, leaving the original virus creator scot-free.
Linux doesn't protect users from being idiots. Nothing can.
HOW'S MY POSTING? CALL 1-800-POSTING
Nothing. However, privilege separation on a Unix box would prevent a harmful payload in a worm of this sort, unless the user was running as root. In which case, he needs to be shot.
I still have more fans than freaks. WTF is wrong with you people?
I thought self-propagating worms involved no direct user interaction (i.e. a tard clicking a link), doesn't that make this just a plain old (really simple) trojan if anything, being as it pretends to be something else (I assume the link comes with a message like "click here to see me holiday pics!")?
because everything is controlled via friggin VB.
i mean, for once the excuse can't be: "well, they attacked [insert MS software title here] because it's the most popular". AIM and YIM have been around a lot longer and no one ever wrote a "worm" (debatable label in this case) for those...
in this age of communication i'm just not getting through
"However, privilege separation on a Unix box would prevent a harmful payload in a worm of this sort, unless the user was running as root."
Could you elaborate on this a little? From what little I understand of permissions in *nix, this might prevent data from being written in the wrong spot (i.e. overwriting of system files), but would it prevent a headless app from running and sending out messages to other machines?
Ah if only application firewalls were standard issue like virus scanners. At least Microsoft's forcing that evolution to happen.
"Derp de derp."
do you trust ./'ers to only write innocent, good willed code ?
The Internet's nature is peer to peer - 20050301_cs_profs.pdf
Things like this have been on IRC, e-mail, MSN, AOL, ICQ and any other chat type application you can think of. It's the classic n00b getter. Send them a message that warns of imminent doom, promises something wonderful or what have you and try to get them to run your app. That app then does as you please.
This is the kind of vulnerability that we'll basically never be able to get rid of, barring some kind of Orwellian palladium thing. Dumb users will run shit they shouldn't, and infect their boxes. You can do things to reduce the probability, but you can't eliminate it.
I deal with this at work all the time. We have a user that just loves to run every damn attachment she gets her hands on. Despite a virus scanner and as restrictive privileges as we are allowed to give her, she STILL gets infected from time to time. There's just no stopping it. The only way would be to disallow her to run apps that admins don't install, which we aren't allowed to do (and doesn't apply to home users).
So we just have to accept this crap. Hopefully OS/app makers will do what they can to make it as hard as practical for this to happen, but you'll never eliminate it. You also have to be careful not to go too overboard. I mean I can think of many measures that would make these things much safer. However they generally involve things that would make them a bitch to use and piss people off.
About a year ago, I think something like this was on the loose. Almost everyone on my contact list tried to send me something called "blaargh.exe". When I asked them what it was they had no clue.
;)
Well, people that accept these kinds of file transfers without knowing what it is and then _open_ the executable only have themselves to blame... (for not getting a Mac
Sig Nature
Why is it when someone does something stupid on UNIX and screws their HDD, it's the user that is blamed but when the user CHOOSES to run Windows and CHOOSES to run MSN and CHOOSES to have their default browser to be Internet Explorer, for some reason they're immune to this barrage of RTFM and instead it is Microsoft who gets the blame.
Sure, I love the Microsoft bashing mosh pit just as much as the next Mac/FreeBSD user, however, in all honesty, when is the end user going to take responsibility for their actions? Doesn't this sound like the a-typical scenario in the "real world", something bad happens and the government is blamed for not stopping the idiot from hurting themself.
The fact remains that the end user does VERY little to protect themselves. Sure, we'll have a chorus of ranters claiming that in their zyx operating system world, they would *NEVER* need that and through some miracle, somehow their operating system of choice is immune to all vulnerabilities.
The fact remains that no matter what operating system you run, you HAVE to take precautions. Run an anti-virus, make sure your software and virus definitions are updated, run a GOOD firewall and actually learn how to use the computer so that you can set up the firewall so that it is beneficial rather than a hindrance.
If you follow these VERY basic precautions, I would be VERY surprised if you get infected.
In a perfect world, one WOULDN'T need to take these precautions, software would be bug free, everyone would be honest Joes and Janes, however, that isn't the case, the fact is, the world is filled with losers, script kiddies and other parasites and unfortunately the only way to defeat these people is to make their conquests so meaningless that they'll go back to nicking car badges off cars and boasting to their friends about what level of "Rainbow Islands" they got up to on their SEGA.
Btw, does anyone remember that game?
Erotic uses a feather; Pornography uses the whole chicken
Hold on... so, would the worm spread through Trillian, Miranda and such?
Why is it considered offtopic when someone corrects a person?
Well, I can't speak for the mods, but I thought the spirit of the parent was to be funny. He accomplished that, although he was slightly inaccurate. You pointing out what you did was like someone dissecting a joke until it's no longer funny.
a la "well, technically, a chicken may not really have the mental sophistication to /want/ to go to the other side of the road. Perhaps if there were food, or offspring, but there would need to be some instinctual impetus for... " and on and on.
It would be a different matter if the facts for his post needed to be accurate. I'd welcome corrections, but, unlike the original poster, a corrective post isn't really accomplishing anything in that vein. That's why your post (and mine) is Offtopic. I'm not saying it's not welcome or completely useless, but you shouldn't be surprised that it's considered Offtopic.
HTH
You don't need Geeksintraining if you're on Slashdot.