Slashdot Mirror

← Back to Stories (view on slashdot.org)

New Worm Starts Munching MSN Users

Posted by ryuzaki0 on from the day-zero-install-windows-learn-spanish dept.

Kosmik writes "It appears that MSN has been struck by a vindictive new worm, according to security company Panda Software. The worm, acting in the vein of movies like the Ring and FearDotCom, delivers a fateful terror message and then proceeds to disable most of your protection software like anti-virus,firewalls and even your Windows control apps (TaskManager, Regedit). It distributes itself to all your MSN contacts by sending a video called 'Fantasma.'"

20 of 168 comments (clear)

  1. GAIM by eldavojohn · · Score: 3, Insightful

    So I connect to the MSN network but through a nice free little app called GAIM.

    My friends often try to send me files or pictures or videos through the MSN network and it doesn't work. They get annoyed and tell me to "just use MSN." I'm told that GAIM is stupid & crappy for not supporting these features.

    Really makes you wonder if the people who developed gaim couldn't figure out how to make the videos/pictures stream through the chat box ... or if it was a design decision by choice to avoid hidden viruses that the codecs unpack in the media files. Probably the latter.

    GAIM also works on a number of other chat networks--as chat clients should. Another thing about chat clients is that they should stick to limited functionality. There are way more secure ways to transfer files. I don't want a profile, I don't want it integrated with my operating system (married to the kernel), I don't want media streaming, I just want to chat.

    Don't bloat your software.

    --
    My work here is dung.
    1. Re:GAIM by CSZeus · · Score: 5, Informative

      Seeing as Gaim is in the process of working on what they call their vv module (the v's standing for voice and video), I don't think it was as much of a security-driven choice as it was a time-driven choice. That or they've had a change of heart, whichever you deem more likely ;)

    2. Re:GAIM by CSZeus · · Score: 5, Informative

      "Gaim 2.0.0 beta 2 does not include voice or video ("vv") support for any protocols. We've done some work toward vv compatibility for Google Talk, but it isn't ready for the general public yet. It is unlikely this will change for the final release of Gaim 2.0.0, but vv will be a primary focus for the next major release of Gaim after that." (emphasis mine) As per their news page circa January, 2006 (link)

    3. Re:GAIM by cag_ii · · Score: 5, Insightful

      I just want to make sure im clear on what your point is. You are suggesting that not being able to transfer files via GAIM is a feature and not a bug?

  2. Payload by gEvil+(beta) · · Score: 5, Funny

    "on the 1st day you get scared, on the 2nd you get desperate, on the 3rd you look for help and on the 4th you die"

    Panda did not provide information about the payload of the BlackAngel.B worm.

    I think it's pretty clear what the payload is. Somebody better get a fix out for this quick...Like in the next 2 or 3 days!

    --
    This guy's the limit!
  3. Fantasma Vs Fantasma by eldavojohn · · Score: 4, Funny
    It distributes itself to all your MSN contacts by sending a video called 'Fantasma.'
    Not to be confused with the Spanish release of the film "Ghost" starring Whoopie Goldberg, Patrick Swayze, Demi Moore and a rotating lump of clay (possibly the only bearable thing in the movie).

    A CNN poll taken recently showed that 98.1% of US citizens would rather have the MSN virus on their computer instead of the 1990 film in Spanish.

    It's so unfortunate that we haven't invented the technology to "unwatch" films yet.
    --
    My work here is dung.
  4. Trillian, and regedit... by ursabear · · Score: 3, Insightful

    A trojan/virus/etc. that disables regedit and the task manager - and monkeys with files. This is not A Good Thing.

    Many corporations support MSN Messenger only. Given a choice, however, I'm very fond of Trillian Pro 3. I found the license price for Trillian to be quite reasonable, considering its flexibility, stability, and the fact that (so far, fingers crossed) it has not been subject to attacks such as this.

    --
    A Passionate Independent Musician
  5. so going to happen by Kenshin · · Score: 5, Funny

    This is so going to happen to my sister, and I am so not going to fix her computer this time.

    Remember kids, don't constantly insult the person who fixes your computers.

    --

    Does it make you happy you're so strange?

  6. Re:Miranda by CastrTroy · · Score: 3, Informative

    Or you could just use GAIM for windows.

    --

    Anthropic principle: We see the universe the way it is because if it were different we would not be here to see it.
  7. Bonus points for character by Rob+T+Firefly · · Score: 3, Interesting

    I don't much approve of destructive viri, but if they're going to be out there, they might as well have a little character to them. Who needs yet another boring old "spams your adress book and erases your HD" routine when you can be 0wned by something just a bit more interesting?

    Reminds me of the good old days of "gimme a cookie."

    --
    Slashdot Burying Stories About Slashdot Media Owned
  8. Here's a hint... by WalterGR · · Score: 4, Funny

    From the article:

    To be impacted with the worm, users have to actively download the code. Messenger conversations initiated by the worm carry texts like "jaja look a that" or "mira este video" as well as a web address from where it is downloaded.

    Ummmm... here's a hint: if somebody sends you a random URL to an executable, don't run it!

    The More You Know

    --
    The Online Slang Dictionary
  9. Fururama? by awhelan · · Score: 4, Funny

    a video called 'Fantasma.'

    Anyone read this quickly as 'Futurama'?
    Normally I will question the brain of anyone who clicks a link without confirming with the person who sent it that it's not a virus, but all my friends know I love futurama clips.
    Good news everyone, I can be socially engineered.

  10. What are you talking about? by SmallFurryCreature · · Score: 5, Insightful
    As far as I read it this doesn't have anything to do with "bad security" just "bad users". You have to download the code and execute it.

    Lots of people complain that P2P is unsafe because it carries virusses and what not. So how come I have never been infected?

    Obvious it is because of my enormous intellect that makes einstein look stupid and think that a 15mb .exe files claiming to be a movie is suspicious.

    Yes granted the recent WMF crap showed us that if you use MS software any file extension is under suspiscion and the design choice by MS to hide the extension by default must rank as one of their most stupid one (then again this is ms, they make so many it is hard to determine wich one was their worsed).

    But GAIM does not protect you from being stupid. Nothing does. Just that if you went through the trouble of installing GAIM on a Non-MS machine, or if you are on a MS-machine deliberatly disabled MSN and installed GAIM, then you are probably not that stupid.

    It ain't GAIM that is keeping you safe, it is your brain. Trust me on this, I been around long enough to know people will do anything to get infected. Just promise them a juicy picture. We have about the same chance of stopping computer infection as we have of stepping Sexually Transmitted Diseases. When Miss Jpeg flirts with you, you don't think of using a condom. (Oh and using a condom isn't enough, deep kissing can do it too. How many of you practising safe sex make sure no fluids whatever are swapped?)

    --

    MMO Quests are like orgasms:

    You may solo them, I prefer them in a group.

    1. Re:What are you talking about? by Mister+Whirly · · Score: 4, Funny

      "How many of you practising safe sex make sure no fluids whatever are swapped?"

      This is Slashdot, where safe sex means you have a firewall between you and the porn site...

      --
      "But this one goes to 11!"
    2. Re:What are you talking about? by mpe · · Score: 3, Interesting

      First, fix the OS. Make sure users know what is software and what is data, then restrict all of it by default.

      Also so that the OS knows what is software and what is data. e.g. if an executable has been disguised as an AVI then the best thing to do is try (and probably fail) to play it as an AVI. As opposed to displaying a file with an icon indicating it is one type of file then when it is selected to be opened looking at whatever is actually in the file to decide how to open it.
      Effectivly Windows likes to play "bait and switch" with file types.

  11. this is news ? by Anonymous Coward · · Score: 3, Insightful


    from Pandas webpage

    Countries affected
    España 2.42
    México 2.15
    Perú 0.71
    Chile 0.33

    there are NO english speaking countries affected and the original site which hosted the file is dead (file removed i looked)
    if today is AV fud promotion day you could at least try and scare us with a virus that affects English speaking countries

  12. Viruses, Taxes (oblig) by mfh · · Score: 3, Funny

    At least death doesn't get WORSE every year!!!

    --
    The dangers of knowledge trigger emotional distress in human beings.
  13. GAIM is not inherently more secure... by RingDev · · Score: 3, Informative

    In this case the user is clicking on a hyper link in the IM Conversation which uses a web browser to download an external application. If someone on your buddy list sent you this message, it would come through with no problems. You could click the link and download the file with no problems. It could even execute it's payload while you are wrapped in your GAIM blanket of security. The only thing that it MIGHT not be able to do is to propagate itself to all of the members of your friends list.

    -Rick

    --
    "Most people in the U.S. wouldn't know they live in a tyrannical state if it walked up and grabbed their junk." - MyFirs
  14. Doesn't make worms less annoying by SanityInAnarchy · · Score: 3, Interesting

    Someone I met online recently sent me this message:

    "I got my MSN names from http://www.im-names.com/ they're free!"

    After getting this person to clarify that it was sent automatically. I said "OK, that's spyware." They said "I don't care." They are now blocked.

    Gaim and some common sense means I'll never actually get the spyware, but it doesn't mean I won't get annoyed by it. After all, remember chain mail? I used to get chain IMs all the time -- "Send this to 25 friends by midnight and something good will happen!".

    Really, the only solution, no matter what your IM client, is to start blocking morons.

    --
    Don't thank God, thank a doctor!
  15. The title is misleading. by cciRRus · · Score: 4, Insightful

    Should be changed to "New Worm Starts Munching MSN Messenger Users". The MSN Messenging network and MSN are two different things.

    --
    w00t