Slashdot Mirror


New IM Worm On The Loose

elfarto writes "Techweb is reporting that a new worm that spreads via Microsoft's instant messaging client began badgering users Monday, several security firms said. Dubbed Funner, the worm propagates by sending itself to all the contacts listed in the user's copy of MSN Messenger, Microsoft's IM client. There is an analysis on Symantec Security Response Site; apparently the worm tries to download stuff from www.78p.com and adds entries to the hosts file pointing to more that 400 Chinese porn sites. The worm also sends itself to the whole contact list as funny.exe so it requires the user interaction to actually execute it. "

4 of 407 comments (clear)

  1. why MSN is having trouble? by Anonymous Coward · · Score: 4, Interesting

    Is this why MSN messenger seems to have been down for about 12 of the last 24 hours?

  2. Re:Obligitory windoze comment... by dioscaido · · Score: 4, Interesting

    Well, if you are running as root, well, the answer to your question is EVERY OS. Run your desktop as root, and it'd take me 5 minutes to write an executable that will hose your whole system.

    The fact is, Windows has a solid, well implemented, priviledge system. The second fact is that they gave this up in favor of app compatiblity (crappy programs that expect to write to the windows directory just to run, versus to user directories) and ease of use. This is biting them in the ass, and they are working on getting people away from running as Administrators. Just not as heavy a push as I'd like.

  3. Re:This will be successful..... by Ghostgate · · Score: 4, Interesting

    You are seriously underestimating the general cluelessness of the average computer user. I think it could be named "worm.exe" and a lot of people would still run it.

    The knowledge (or lack thereof) of the average computer user is the real reason that security is such an issue today.

  4. Re:Impact? by RAMMS+EIN · · Score: 4, Interesting

    You mean AIM is a bigger target than MSN Messenger?

    Well, here's another argument against "Microsoft software gets broken into more, because it is more widely deployed". (Besides Apache vs. It Isn't Secure.)

    --
    Please correct me if I got my facts wrong.