Slashdot Mirror

← Back to Stories (view on slashdot.org)

New IM Worm On The Loose

Posted by CmdrTaco on from the head-for-the-hills dept.

elfarto writes "Techweb is reporting that a new worm that spreads via Microsoft's instant messaging client began badgering users Monday, several security firms said. Dubbed Funner, the worm propagates by sending itself to all the contacts listed in the user's copy of MSN Messenger, Microsoft's IM client. There is an analysis on Symantec Security Response Site; apparently the worm tries to download stuff from www.78p.com and adds entries to the hosts file pointing to more that 400 Chinese porn sites. The worm also sends itself to the whole contact list as funny.exe so it requires the user interaction to actually execute it. "

14 of 407 comments (clear)

  1. it finds porn? by Anonymous Coward · · Score: 5, Funny

    How is this a bad thing?

  2. Time to switch, perhaps? by kgbspy · · Score: 5, Insightful

    Just like everyone urged their friends and family to switch from IE to Firefox, now could be the time to recommend gaim to them in place of their regular IM client. Except, maybe, those who like chinese porn.

    --
    ~
    ~
    ~
    -- INSERT --
  3. Woohoo! by Gogo+Dodo · · Score: 5, Funny

    Time to cash in!

  4. Impact? by mind21_98 · · Score: 5, Informative

    Fourty-two million users worldwide verses far more for AIM. The impact shouldn't be too big, although one has to wonder why people blindly accept and run files in the first place. It boggles the mind.

    --
    US businesses that currently accept chip and PIN/signature
  5. Dammit by badfrog · · Score: 5, Funny

    Guess my workday tomorrow has been planned out in advance. (I have dumb users.)

  6. d'oh by Anonymous Coward · · Score: 5, Funny

    "..and adds entries to the hosts file pointing to more that 400 Chinese porn sites"

    First good reason i hear to switch to Windows.

  7. Re:why MSN is having trouble? by Anonymous Coward · · Score: 5, Funny

    Is this why MSN messenger seems to have been down for about 12 of the last 24 hours?

    No, that's normal.

  8. Trolling... by Mori+Chu · · Score: 5, Funny
    Well this shouldn't be any problem; it requires the user to actively click an attachment, and users are educated enough not to do that...

    And they don't run as Admin anyway, so the worm couldn't even infect them if they did click it...

    And Microsoft will surely release a prompt fix to address this issue...

    So I don't see what the problem is here. :-)

  9. Clever! by ATomkins · · Score: 5, Funny

    Ohhhh... I see the plan... we slashdot 78p.com, thus limiting the 'worm's damage!

    Good thinking, guys!

    Just doing my part. ;)

  10. Re:This will be successful..... by Zakabog · · Score: 5, Insightful

    Let's see, the average persons friend sends them a file called funny.exe. The average person really enjoying the kind of crap that their friend's send them online, executes funny.exe (which by the way will show up as just "Funny" on the average computer as extensions are hidden by default) gets infected by the worm, notices they get a ton of pop ups, porn sites, all kinds of junk and their computer runs really slow, blames the manufacturer of the PC (Gateway, Dell, IBM, whatever.) Never realizes it was an issue with MSN to begin with, continues on with their life promising to never buy another computer from Gateway, Dell, IBM, whatever. I've seen it happen so many times. My uncle even blames me for the crap that gets installed on his computer (usually while I'm not there, as I live 300 miles away) and doesn't really thank me when I install ad-aware and get rid of the junk (thinking whatever he just did on the computer made everything work right.)

  11. Re:This will be successful..... by HermanAB · · Score: 5, Funny

    No, worm.exe won't spread nearly as fast as virus.exe...

    --
    Oh well, what the hell...
  12. You can be rich !! by ganhawk · · Score: 5, Funny

    Is the worm author most benovelant guy or what ?

    China rewards porn snitches
    1)run windows 2)get infected 3)receive list and fwd to the chineese authority 4)profit!!

    --
    Python script to convert photos into "artsy" portraits: http://p2pbridge.sf.net/pyPortrait/
  13. So much for natural selection by Lurgen · · Score: 5, Funny

    A worm that spreads via IM? Or a worm that spreads via stupid dumb-ass users who don't know better than to run a .exe they weren't expecting to receive?

    One day, with a bit of luck, people opening attachments/files/emails/whatever like this will be considered much the same as people eating strange pieces of food that they find in the street.

    For those in the support side of the field, remember that as long as there are stupid people (and there always will be) security vulnerabilities will always be a poor second cousin to humans. The bulk of your support calls won't come from clever little worms that capitalise on obscure security flaws in a product, they'll come as a result of idiots thinking that "nakedwoman.exe" is actually something they want to see.

    Yet another reason we should embed cattle-prods into keyboards... "wow, some stranger sent me some naughty pictures of herself! Pity they're archived, I'll just double-click and let them extract themsel *zaaaaaaaap!!!*"

  14. Re:This will be successful..... by GMFTatsujin · · Score: 5, Funny

    Everything except a virus checker...

    *sigh*