Slashdot Mirror

← Back to Stories (view on slashdot.org)

New IM Worm Installs Own Web Browser

Posted by ryuzaki0 on from the safety-first-everyone dept.

Aquafinality writes "A new IM worm discovered recently takes the novel step of installing its own web browser onto the victims PC. Ironically titled "The Safety Browser", its default settings actually make your PC less secure - switching on pop-ups, changing your home page and hijacking your desktop with a looped music track that plays every time you switch your computer on. It's clear people cannot resist clicking "yes" to anything they're presented with via IM - with this in mind, what on Earth can we do so stop the spread of garbage like the above? To put it another way, will reducing the amount of potential "suckers" out there dissuade the bad guys from coming up with ever-more elaborate ideas such as this latest scam? Or is IM safety a lost cause?"

10 of 479 comments (clear)

  1. IM safety? by Whiney+Mac+Fanboy · · Score: 5, Interesting
    Or is IM safety a lost cause?

    It's very hard to stop people executing something thats sent to them by someone they know - but for other vector methods, perhaps people should consider an IM client that doesn't include activeX

    Anyway, mildly interesting, the worm makes no attempt to hide iteself with a "You are beaten, it is useless to resist" desktop paper (!) and music on startup (from TFA) Worse still, music starts to blare out of your PC. Not just any old music - bad music. Bad looped music, with screeching guitars and awful drum n' bass beats.

    But not to worry XP SP2 users, you're protected.... again from TFA:
    Some "good" news, however - SP2 seems to prevent this music from playing in the background.
    snigger.... :-)
    --
    There are shills on slashdot. Apparently, I'm one of them.
  2. It seems there's only one thing we can do. by Ant+P. · · Score: 5, Funny

    Make "Yes" buttons, by default, HURT people physically.

  3. Geeks want to know by Giant+Ape+Skeleton · · Score: 5, Funny
    The question on every Slashdotter's mind:

    does the browser pass the Acid2 test?

    --
    The difference between stupidity and genius is that genius has its limits.
  4. I know where this is headed by theCat · · Score: 5, Interesting

    Next month, an IM worm will install not just a browser, but an entire operating system. It will be Linux, but it will be setup to give the worm owner complete remote ops. It will have basic mail, IM , web browsing and word processing all via the usual open source tools, and will be made to look something like Windows. And 90% of the people who wake up to find this new OS running on their system will simply use it.

    You KNOW they will. That's the level of what we're talking about.

    For one thing people have become accustomed to random stuff showing up on updates and upgrades. The remore operatior will simply launch a splashscreen that says "A gift from Microsoft for your loyalty!" and people will go nuts. For another thing, there is a good deal of evidence accumulated over the many years of this malware war that the users who are keeping malware authors in business are total noobs. Many are developmentally disabled, or are children, or are computer phobes who avert their eyes when the machines "does something odd". Some are simply dumb as cabbages. They click "yeah sure, pwn me" on every dialog box because they are functioning as part of the attached peripherals a NOT an intelligent user.

    No, I'm not bitter. I'm not being sarcastic. I've woken to the reality. This is our world, and we white hats are just a liitle slow on the uptake is all. What this suggests about computer ownership (like maybe you need an operator's license, as required with radio broadcasting, if you are going to traffic in the public sphere) is probably the next frontier of the discussion, that's all.

    --
    =^..^= all your rodent are belong to us
  5. Isn't gonna happen. by Dorsai65 · · Score: 5, Funny

    When you try to make everything idiot-proof, you just raise the quality of the remaining idiots.

    --
    --- Asking inconvenient questions for over 30 years...
  6. My quarter to two in the morning idea by craznar · · Score: 5, Funny

    Split the friggin' internet in half.

    Give out odd numbered IP addresses to Linux users, and even numbered addresses to Windows Users.

    Then Linux computers just turn off access from even numbered source addresses.

    Problem solved.

    Ok - time for bed.

    --
    EMail: 0110001101100010010000000110001101110010 0110000101111010011011100110000101110010 0010111001100011011011110110
  7. The browser it installs is.... by madnuke · · Score: 5, Funny

    Internet Explorer 7!

  8. Why does EVERYTHING transfer files? by DaveLV · · Score: 5, Insightful

    Maybe we can't put the genie back into the bottle, but I think the real problem is that every Internet-enabled application these days is bastardized into a file transfer mechanism. IM programs should be for typing messages back and forth between two or more people. Why should IM even have the ability to transfer files?

  9. make a friendly worm... by AlgorithMan · · Score: 5, Interesting

    well - just make a "nice worm" that tells you

    "hi, your computer is obviously insecure - may I install
    [] firefox
    [] thunderbird
    [] AVG free (Antivirus)
    [] hijackthis
    [] and one of the following freeware firewalls: [insert firewalls here]
    for you? - P.S. I'll install the software from official mirrors, no faked, phishing software - if I wanted to harm you, I could have done this already
    [No] [Yes]

    may I also interest you in
    [] OpenOffice
    [] miranda
    [] bsplayer
    [] ...
    [No] [Yes]

    May I recommend myself to your friends?
    [No] [Yes]

    thank you for your interest
    I'll remove myself from your system now. goodbye!
    [OK]

    I think most people that stick with ms software do this because they have no clue how to install alternative software (seriously - my family uses PCs for 14 years now and still they call me and ask me how to install this and that software) so make a "worm" that assists you in making your pc more secure (and shows you that you need it at the same time) maybe put in links to small, easy-to-understand "getting started" sites...

    --
    The MAFIAA is a bunch of mindless jerks who will be the first up against the wall when the revolution comes
  10. Unfortunately that does nothing for the clueless by Sycraft-fu · · Score: 5, Insightful

    Why? Because it becomes just another hoop to jump through. They don't consider the implications behind their action. The computer wants something, they give it what it wants to it'll shut up and let them get back to doing what they want to do.

    Admin passwords are useful for knowledgable users because if you do something that shouldn't require admiin, but asks for it you can step back and think why it's asking, and approve or deny it based on more information. However clueless users won't do that, they won't know what should and shouldn't need it, so they'll just blanketly issue the admin password.

    I've already witnessed this on other platforms (MacOS) that ask for admin. I was chatting with a guy while he was tinkering with his Mac, it popped up and asked for admin and he said "Huh, that shouldn't need admin"... as he was typing in his admin password (3 letters long). He even recognised that this might be a situation where it wasn't needed (it was actually, nothing harmful) but just gave it the password anyhow.

    So while I think the privledge escalation is Vista is a nice try, and certianly something I'll use personally, I think it will ultimately make no difference for normal users. They'll just make it go away whenever it pops up, and they'll do that by giving it the password it wants.