Slashdot Mirror

← Back to Stories (view on slashdot.org)

New Worm Starts Munching MSN Users

Posted by ryuzaki0 on from the day-zero-install-windows-learn-spanish dept.

Kosmik writes "It appears that MSN has been struck by a vindictive new worm, according to security company Panda Software. The worm, acting in the vein of movies like the Ring and FearDotCom, delivers a fateful terror message and then proceeds to disable most of your protection software like anti-virus,firewalls and even your Windows control apps (TaskManager, Regedit). It distributes itself to all your MSN contacts by sending a video called 'Fantasma.'"

6 of 168 comments (clear)

  1. Bonus points for character by Rob+T+Firefly · · Score: 3, Interesting

    I don't much approve of destructive viri, but if they're going to be out there, they might as well have a little character to them. Who needs yet another boring old "spams your adress book and erases your HD" routine when you can be 0wned by something just a bit more interesting?

    Reminds me of the good old days of "gimme a cookie."

    --
    Slashdot Burying Stories About Slashdot Media Owned
  2. How does it reproduce? by Spy+der+Mann · · Score: 2, Interesting

    Through a vulnerability in MSN messenger, or is it just the usual "click here to get infected" method?

  3. Doesn't make worms less annoying by SanityInAnarchy · · Score: 3, Interesting

    Someone I met online recently sent me this message:

    "I got my MSN names from http://www.im-names.com/ they're free!"

    After getting this person to clarify that it was sent automatically. I said "OK, that's spyware." They said "I don't care." They are now blocked.

    Gaim and some common sense means I'll never actually get the spyware, but it doesn't mean I won't get annoyed by it. After all, remember chain mail? I used to get chain IMs all the time -- "Send this to 25 friends by midnight and something good will happen!".

    Really, the only solution, no matter what your IM client, is to start blocking morons.

    --
    Don't thank God, thank a doctor!
  4. Re:What are you talking about? by 99BottlesOfBeerInMyF · · Score: 2, Interesting

    As far as I read it this doesn't have anything to do with "bad security" just "bad users". You have to download the code and execute it.

    I strongly disagree. Windows fails to make it clear to most users that this is a program, not a movie. That is a security failing of Windows. By default Windows lets any program, even if it has never run before, do anything it wants to. This is a security failing. By default programs should be limited and users should have to explicitly grant the right to do things like connect tot the internet, and especially to do suspicious things like read your MSN buddy list.

    The problem is not that users are stupid, it is that software is poorly designed. By default why should the OS let random programs read my MSN buddy list? How many that aren't worms need to do that? It is a stupid choice, given the current state of Windows malware.

    First, fix the OS. Make sure users know what is software and what is data, then restrict all of it by default. Fix the UI so users aren't conditioned to constantly click "OK" for vague or useless reasons. Give them real, informed choices and the power to do whatever they want, but only if they are expecting it and only the exact functions they want. Once that is solved and the automated exploits are locked out, you can complain about stupid users. Until then, stop denying the problem because you have been trained to work around it.

  5. Re:What are you talking about? by mpe · · Score: 3, Interesting

    First, fix the OS. Make sure users know what is software and what is data, then restrict all of it by default.

    Also so that the OS knows what is software and what is data. e.g. if an executable has been disguised as an AVI then the best thing to do is try (and probably fail) to play it as an AVI. As opposed to displaying a file with an icon indicating it is one type of file then when it is selected to be opened looking at whatever is actually in the file to decide how to open it.
    Effectivly Windows likes to play "bait and switch" with file types.

  6. Re:GAIM by FireFury03 · · Score: 2, Interesting

    Or, just get IPv6 to work. It's a panaceum for all NAT-related problems -- it fixes them by just removing the damn thing and restoring IP to work the way it was designed.

    I already have an IPv6 network - have done for years. But you don't actually expect a clueless MSN user who wants to send you a file to have IPv6 do you? Also, if you want to do SIP you have the problem that one of the more major VoIP projects, Asterisk, has no support for IPv6 at all.

    Hell, every transitioned user is a step towards getting rid of IPv4, and that's a noble deed.

    I agree, however, IPv6 has one major roadblock which will stop it's adoption in the near future: There are no consumer grade DSL routers in existence that do IPv6. This basically means it's impossible to do native IPv6 or 6-to-4 in most setups (the router is the only thing with a global scope IPv4 address)*.

    (* You can of course get one of the Linksys routers, flash it with WhiteRussian and set that up to do IPv6 either natively or 6-to-4, but that's beyond most users. I'm quite disappointed that despite Cisco's stance on IPv6, none of their Linksys DSL routers seem to support it with the official firmware.)

    That said, there is apparantly some interesting IPv6 stuff in Vista, so maybe that'll push things in the right direction.

    --
    http://blog.nexusuk.org