Slashdot Mirror

← Back to Stories (view on slashdot.org)

New IM Worm On The Loose

Posted by CmdrTaco on from the head-for-the-hills dept.

elfarto writes "Techweb is reporting that a new worm that spreads via Microsoft's instant messaging client began badgering users Monday, several security firms said. Dubbed Funner, the worm propagates by sending itself to all the contacts listed in the user's copy of MSN Messenger, Microsoft's IM client. There is an analysis on Symantec Security Response Site; apparently the worm tries to download stuff from www.78p.com and adds entries to the hosts file pointing to more that 400 Chinese porn sites. The worm also sends itself to the whole contact list as funny.exe so it requires the user interaction to actually execute it. "

8 of 407 comments (clear)

  1. Impact? by mind21_98 · · Score: 5, Informative

    Fourty-two million users worldwide verses far more for AIM. The impact shouldn't be too big, although one has to wonder why people blindly accept and run files in the first place. It boggles the mind.

    --
    US businesses that currently accept chip and PIN/signature
  2. Re:Obligitory windoze comment... by san · · Score: 4, Informative

    The problem with Windows and these worms is that you do not explicitly have to give execute permission to the file in question. It's just recognized as an '.exe' file by Windows and treated as an executable.

    The kind of people who would execute this file, are the same kind of people who wouldn't know how to give some file execute permissions if they were running a Unix-based workstation (probably even OS X).

  3. Re:Another reason to move to GAIM by Carnildo · · Score: 4, Informative

    Switching to GAIM wouldn't help here. All the worm is using MSN Messenger for is as a carrier for the file; there's no particular security hole involved. It's no different from sending a virus attached to an email.

    --
    "They redundantly repeated themselves over and over again incessantly without end ad infinitum" -- ibid.
  4. Re:Another reason to move to GAIM by Lehk228 · · Score: 3, Informative

    actually gaim handles AOL, MSN, ICQ, Yahoo!, IRC, and Jabber.

    --
    Snowden and Manning are heroes.
  5. Re:Another reason to move to GAIM by eean · · Score: 4, Informative

    You got it back words. In general, switching to Gaim won't help, cause it isn't any vulnerability in particular being spread. However in this case it would help, because if you set your little sister up with Gaim and she ran the funny.exe one could assume it wouldn't be able to spread itself further (funny.exe not familiar with Gaim).

    Even better, set your little sister up with Linux and not have to worry about all the other crap funny.exe will do.

  6. Don't forget... by the+real+darkskye · · Score: 4, Informative

    Linux isn't the only desktop alternative
    FreeBSD
    OpenBSD
    NetBSD
    DragonFlyBSD

    --
    Music is everybody's possession.
    It's only publishers who think that people own it.
    Fuck Beta
    ~John Lenno
    1. Re:Don't forget... by PygmySurfer · · Score: 3, Informative

      And of course:

      Mac OS X.

  7. Re:Time to switch, perhaps? by tangent3 · · Score: 3, Informative

    Actually, you might just be on to something. The XUL framework seems to be perfect for developement of a cross platform multi-protocol IM client. Gaim is nice and all, I use it and love it, but the gtk requirement (esp on Windows) is quite a put-off. The reason I'm still sticking to gaim and haven't gone back to miranda is the lack of unicode support in miranda. Now if someone developes a XUL based multi-IM client (maybe a plugin architecture to standalone chatzillas?) that would be perfect.