Slashdot Mirror

← Back to Stories (view on slashdot.org)

New IM Worm On The Loose

Posted by CmdrTaco on from the head-for-the-hills dept.

elfarto writes "Techweb is reporting that a new worm that spreads via Microsoft's instant messaging client began badgering users Monday, several security firms said. Dubbed Funner, the worm propagates by sending itself to all the contacts listed in the user's copy of MSN Messenger, Microsoft's IM client. There is an analysis on Symantec Security Response Site; apparently the worm tries to download stuff from www.78p.com and adds entries to the hosts file pointing to more that 400 Chinese porn sites. The worm also sends itself to the whole contact list as funny.exe so it requires the user interaction to actually execute it. "

11 of 407 comments (clear)

  1. why MSN is having trouble? by Anonymous Coward · · Score: 4, Interesting

    Is this why MSN messenger seems to have been down for about 12 of the last 24 hours?

  2. Obligitory windoze comment... by mark_space2001 · · Score: 1, Interesting
    What kinda of doofus writes an OS where you can execute privelleged code (changes a system file like hosts) from a MESSAGING CLIENT?!

    Sorry, I know /. bangs on MS a lot, but jeeze, stop executing stuff sent to you remotely, fer chrissakes.

    1. Re:Obligitory windoze comment... by dioscaido · · Score: 4, Interesting

      Well, if you are running as root, well, the answer to your question is EVERY OS. Run your desktop as root, and it'd take me 5 minutes to write an executable that will hose your whole system.

      The fact is, Windows has a solid, well implemented, priviledge system. The second fact is that they gave this up in favor of app compatiblity (crappy programs that expect to write to the windows directory just to run, versus to user directories) and ease of use. This is biting them in the ass, and they are working on getting people away from running as Administrators. Just not as heavy a push as I'd like.

  3. Re:This will be successful..... by Ghostgate · · Score: 4, Interesting

    You are seriously underestimating the general cluelessness of the average computer user. I think it could be named "worm.exe" and a lot of people would still run it.

    The knowledge (or lack thereof) of the average computer user is the real reason that security is such an issue today.

  4. Re:Impact? by RAMMS+EIN · · Score: 4, Interesting

    You mean AIM is a bigger target than MSN Messenger?

    Well, here's another argument against "Microsoft software gets broken into more, because it is more widely deployed". (Besides Apache vs. It Isn't Secure.)

    --
    Please correct me if I got my facts wrong.
  5. It just never ends! by Anonymous Coward · · Score: 1, Interesting

    No software that Microsoft writes seems to be free of this shit! And the worst part of it is; Microsoft is just about making these vulnerabilities mandatory!

    IE, with its long list of vulnerabilities, has been so intertwined with the OS that it cannot be removed. Hell, the fact that they made Windows update dependent upon IE just about guarantees that everyone that runs Windows will have IE and, thus, be vulnerable.

    Messenger is just as bad! This isn't the first vulnerability in Messenger and I'll bet damned sure it isn't the last! But XP installs Messenger without asking, there is no way to not install or remove it and if it wasn't for third party scripts to remove it everyone running XP would be vulnerable to every Messenger vulnerability whether they wanted to use Messenger or not.

    There has to be some accountability here! If Microsoft is going to force me to run software in order to use their OS, then, damnit, they have to take some responsibility to make sure that it is not going to compromise my system!

  6. Re:This will be successful..... by aardvarkjoe · · Score: 2, Interesting
    That's like saying "All Linux users are elitist snobs", just because there's some jerks mixed in out there.
    Well, to be fair, I think that his comment was more akin to saying "Most Linux users are elitist snobs." Of course, some might argue that that one's true, too :)
    --

    How can we continue to believe in a just universe and freedom to eat crackers if we have no ale?
  7. Well, I'm glad I found out how to uninstall MSN... by r_jensen11 · · Score: 2, Interesting

    Yep, I guess that's 1 less vulnerability I have for Windows now, since I uninstalled MSN Messenger. So here's my prediction: Since microsoft's solution to all of their vulnerabilities, they'll just send out a security update disabling their messenger. Little will they know that they're disabling their own product though, because honestly, who can keep track of all of the programs MS makes, especially the ones that have Microsoft in their names?

  8. Re:The Screen Savers by eean · · Score: 2, Interesting

    Its easy to tell which shows originated from G4 and which from TechTV. The G4 shows always have a kind of a lame sense of humor and they're always fawning over whatever product or game that they're talking about. Based on the humor, I'd say the target audience of G4 is the likes of that annoying guy in your eigth grade class. TechTV shows (Screen Savers, easiest to see the difference with X-Play) can actually be funny.

    Basically I think LA is a lamer city then San Francisco. If LA notices something it becomes lame practically by definition. Before they were able to have various notables of Silicon Valley live... now they have actors live. Great.

  9. Re:worm isnt going to do much damage by maximilln · · Score: 2, Interesting

    Traceroute to www.78p.com
    08:21:54 MDT (-0600) Tue Oct 12, 2004

    1. blah.blah.net (aaa.bbb.ccc.ddd) 0.8 ms
    2. blah2.blah.net (aaa.bbb.ccc.ddd) 5.1 ms
    3. blah3.blah.net (aaa.bbb.ccc.ddd) 6.7 ms
    4. *
    5. *
    6. *
    7. *
    8. *
    9. *
    10. *
    11. *
    12. *
    13. *
    14. border10.s6-4.pcisys-1.den.pnap.net (216.52.42.13) 7.4 ms !H

    Trace complete.

    --
    +++ATHZ 99:5:80
  10. Re:Impact? by Fishstick · · Score: 2, Interesting

    >We never hear this about their cars

    Actually, I knew a guy here at work that never once had any maintenance performed on his new cars -- he was proud of the fact that he could afford to just go trade in when the original tires wore out.

    Then again, he was 40+ sharing an apartment with his brother.

    Wonder what the dealer thought about a car that was driven over a year with the original oil never changed?

    It does boggle the mind when you find people that are willfully ignorant about their computers. I can't tell you how many times I've asked my mother in law to stop forwarding these "cute little programs" that she gets. She gets them from god-knows-who, clicks on them to see what they are, and then forwards to everyone in her address book.

    The response when I politely remind her that this is dangerous and she could be infecting her computer and passing on the infection on to all her contacts? "Well, I don't worry about things like that."

    bah

    --

    There is much cruelty in the universe, John.
    Yeah, we seem to have the tour map.