Microsoft Messenger Virus Hits Reuters IM
steman writes "Reuters had to temporarily shut down its private instant messaging service after being targeted by the W32/Kelvir-Re trojan. Reuters Messaging is implemented with Microsoft messenger technology and has more than 60,000 users. When activated, the Kelvir trojan sends itself to all users' contacts via email and IM. Francis deSouza, chief executive of computer security provider IMLogic, said 'It just generated a flood of instant messages, so it suddenly slowed down the network for legitimate traffic. This is certainly a wake-up call, IM is just like any other communication media. The media needs to go hand-in-hand with security.'"
"This is certainly a wake-up call, IM is just like any other communication media. The media needs to go hand in hand with security."
well duh!
I think many IT departments restrict the use of IM software for this very reason.
Hell, I get 3-4 "(i from forum)" add-to-contacts requests a day if I leave ICQ up. That's something that could easily be blocked with some kind of regex on the ICQ servers. It's really frustrating that there aren't more spim blockers implemented.
It is a good thing they chose that name synonymous with security: Microsoft!
Again, tell me why capitalists choose to pay a lot of money to other businesses in order to get software which is available (and more secure) for free(?).
I have to believe corporations also suffer from brandnameitis. It's a shame.
Of course with access like this someone could have started a rumour that Saudi Arabia would decrease/increase oil production, a merger between X and Y was going through/south, public figure x was assassinated, or a group calling itself l337 cr3w had bombed a major oil pipeline. If convincing, the rumour might be spread along with a Reuters mark of credibility acceptable everywhere where oil/stock/currency-prices and foreign policy are decided...
Why is it that whenever a worm hits a high profile system no one talks about the potential consequences? A worm hitting ATMs? How inconvenient if you need cash! Windowsupdate.microsoft.com spreading code red... how dumb of Microsoft...
How is it no one mentions that humanity knows how to write software that isn't more worm prone than the stuff that got hit by the Morris worm twenty F#$%ing years ago? If people mentioned this from time to time consumers might start asking for computers that don't turn into spamming, DDoSing zombie whores at the first sign of an overflow exploit. It would be more productive than the ones with the most megahurts marchitecture eye candy.
No blaming Microsoft for this one. This time it is definitely the users' fault. The trojan simply sends a link to the contacts inviting them to download and run an executable.
And people still do it!? What will it take before people learn?
I'll probably be modded down for this...
We [expletive deleted] know that! They don't seem to be listening. AGAIN.
A firewall can not protect you from yourself. Turn off what you do not need. Do not use the firewall to do your work.
"I shouldn't make such assumptions."
Correct. This is primarily a news reposting site, in order to generate discussion.
It's a forum, not a newspaper.
KFG
Reasons? I would be interested in hearing why. I don't use Gaim much, but I use Trillian everyday.
There is no way I'm going to use MSN Messenger after that. So many more useful functions - default logging of chat...however I'm not sure about the security aspects, and how it compares with Redmond's offering.
R.
When you're in a deep hack mode, typing a message is much less distracting than talking to someone.
Escher was the first MC and Giger invented the HR department.
It doesn't require you to sync up.
You can hold multiple conversations at the same time.
It indicates if somebody is in, without disturbing them like a phone call does.
I can deal with them in the order I choose, unlike phone calls.
You're comparing them to the wrong thing. Phone calls and IM's are different enough that they complement, not compete. E-mail, however, is closer to a competitor for IM.
We're trying out Office Communicator, and despite the fact that the UI was done by an absolute moron (can't suppress offline users? have to see the newbie text all the time? gah) the tool itself is pretty damned useful - and I don't often compliment Microsoft.
This statement...
"This is certainly a wake-up call, IM is just like any other communication media. The media needs to go hand in hand with security."
Should have been...
"This is certainly a wake-up call, IM is just like any other "Microsoft Program". The Microsoft Program needs security."
There isn't a new Yahoo virus flying around, nor is there an AIM virus flying around (sending a url that leads to a virus DOES NOT COUNT, as this is not the program itself spreading the virus but just a text link someone is stupid enough to click on). Nope, just Microsoft MSN viruses... Just like every other Microsoft product?
~~ Please keep your arms, legs, and outright stupidity inside the ride at all times. Thank You ~~
Just like the majority of Outlook and many IE hijacks? Microsoft hasn't seemed to have learned from the past at all; they keep repairing the same defects over and over when they could eliminate the problem at design time.
Seriously, Microsoft creates architectures with guaranteed downtime, yet people still buy their products? I think their current revenues are holdovers from their monopoly in the 1990s, and the slip in their earnings is indicative of real slowdown for them. As GNOME/KDE desktops mature, people will certainly have few reasons to spend their hard-earned money on Windows and Office. If they want to spend the money, then spend it on Mac OS X and get something better than Microsoft could ever produce.
1. Maybe you should try it then you might understand it?
2. IM is not really Instant, it's almost-Instant, which means you get a chance to read what you're about to say.
3. Go right ahead and type, you don't need to wait for the other party to finish their utterance
4. you can copy and paste things into IM. That's quite hard over a phone call
5. you get a log of the conversation. So if you need to go back and check a fact, you can. It's possible to record phone calls too but in IM it's automatic and it's much easier to search text than audio.
6. By logging into IM you are announcing your availability for chat. Not so with a phone call, which is a polling system (ring ring)
7. Lying requires less work
8. But really you have to TRY something before you DISMISS it.
9. there's probably more.
Yours Sincerely, Michael.
Very true.
I frequently IM myself as a low-budget cut-and-paste between my computers. It requires 1 screenname for each machine, but it works great.
Most of the people on my team also use IM for the same purpose. We'd explored using jabber-based chat, but AOL's infrastructure is hard to beat.
Since AOL added the ability to have encrypted IM sessions between users, I don't have to worry about getting my sessions intercepted either.
A few years back, there was a rash of problems with users having their IM IDs stolen and used for human-engineering attempts. Self-signed certs are more than adequate in order to establish an encrypted session. One just has to set up their own CA and get everyone on the team to trust that particular CA.
Don't anthropomorphize computers, they don't like it.
Well, why not use Gaim then.
It can handle both MSNmsnger and YIM.
"The One IM To Rule them all"
I'm still trying to figure out what people mean by 'social skills' here.
No, this is a wake up call to programmers (the snooze button has been pressed by Microsoft regularly for the last 20 years):
When transferring any kind of data from one computer/system/program to another, where the source cannot be guaranteed trustable (hint: always) the data should be assumed to be intentionally malformed, as a result the system should either:
a) limit what the input data can do, e.g.: not be executed as binary or a privileged command, not be capable of overflowing anything (ignore extra long data), not be capable of doing anything that you wouldn't allow any random person to do.
b) warn the user every time new data is to be processed and require acknowledgement to continue.
(b) is the reason why your operating system can't install random software people send it without warning/asking you.
(a) is for documents, emails, messages, pictures, music etc.
This is a pretty fundamental computing rule, it's pretty much exactly like the basic gun safety rules: always assume the gun is loaded. always keep it pointed somewhere you don't mind a bullet going. always keep it unloaded. So you really have to wonder about people's competence..
This comment does not represent the views or opinions of the user.
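Added example, not part of any comment in this thread: a sketch of rules (a) and (b) from the comment above applied to an inbound IM message, with the "link to an executable" case described earlier in the thread as the trigger for (b). The function name `handle_inbound`, the 512-byte cap and the extension list are assumptions chosen for illustration.

```python
import re
from urllib.parse import urlparse

MAX_LEN = 512  # assumed cap: longer input is cut, never buffered whole
RISKY_EXT = (".exe", ".scr", ".pif", ".com", ".bat", ".cmd", ".vbs")  # assumed list
URL_RE = re.compile(r"https?://[^\s<>\"']+", re.IGNORECASE)
CONTROL_RE = re.compile(r"[\x00-\x08\x0b\x0c\x0e-\x1f\x7f]")


def handle_inbound(raw: bytes) -> dict:
    """Apply rule (a) to every message and raise rule (b) where needed."""
    notes = []
    # (a) ignore extra-long data instead of trusting the sender's length
    if len(raw) > MAX_LEN:
        raw = raw[:MAX_LEN]
        notes.append("truncated")
    # (a) decode defensively; malformed bytes become U+FFFD, not an exception
    text = raw.decode("utf-8", errors="replace")
    if CONTROL_RE.search(text):
        text = CONTROL_RE.sub("", text)
        notes.append("control-chars-stripped")
    # (b) a link to an executable must be acknowledged before it is opened
    risky = []
    for url in URL_RE.findall(text):
        path = urlparse(url.rstrip(".,;:!?)")).path.lower()
        if path.endswith(RISKY_EXT):
            risky.append(url)
    return {
        "display_text": text,      # shown as plain text, never interpreted
        "needs_ack": bool(risky),
        "risky_links": risky,
        "notes": notes,
    }


# Constructed sample messages (not captured traffic)
SAMPLES = [
    b"lol look at this http://example.invalid/photos.pif",
    b"meeting notes: https://example.invalid/minutes.html",
    b"A" * 5000,
    b"hi\x00\x07 there",
]

if __name__ == "__main__":
    for msg in SAMPLES:
        result = handle_inbound(msg)
        print(result["needs_ack"], result["notes"], result["display_text"][:60])
```

The extension check only decides when to ask the user; it does not make a link safe, so the client still never fetches or runs anything on its own.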
Microsoft makes itself a big target not only politically but technologically. It is their "extend, embrace, extinguish" attitude that got them into this mess (and other messes as well) when they integrated all their competition's code into the OS. It is sad really that "innovation" to Microsoft really means "acquire".
B.
This is a sig. This is only a sig. Had this been an actual sig you would have been informed where to tune for more sigs.
In some states it's also illegal to record phone conversations without consent, I don't believe that protection extends to IM conversations. It's not something you usually have to worry about, but if you're IM'ing with your manager having a record of exactly what was said could save your bacon.
Heaven forbid you have to choose options during install or *gasp* look at the preferences.
kurzweil_freak
5th Kyu Genbukan Ninpo/KJJR student
Be the darkness that allows the light to shine.
We are talking about text messaging here. I mean, how hard is it to send a line of text securely? There should be no security concerns whatsoever.