Print
Discuss
Send to friend
RSS feedsDanish security watchdog Secunia has issued a 'medium' alert over the newly discovered Bropia worm, warning that it is spreading fast via MSN Messenger.
The malicious code, which arrives as a .pif file, acts as a carrier dropping a variant of the Spybot worm onto compromised PCs. This then acts as a Trojan and tries to harvest passwords from the computer before sending itself out again via Messenger.
"Many corporations have been blocking the use of instant messaging programs for employee productivity reasons, and may now have good cause to do so for security reasons as well," said Joe Hartmann, senior virus researcher at antivirus company Trend Micro.
"With the popularity of instant messaging, it may be the home users who are most at risk. This kind of worm uses humour to make people forget that they are being infected, and backdoors are being opened into their systems."
The Spybot worm is particularly damaging, Secunia warned. It seeks out Windows identity keys and certain application activation codes and feeds the information to the sender via IRC.
The Bropia worm arrives in a file about 184KB in size. It affects Windows 95, 98, ME, NT, 2000 and XP. More information about the worm can be found here.
See also:
Fatso.A squeezes onto hard drives with tirade at Bropia author 08 Mar 2005
The advice remains the same: do not click on attachments 02 Mar 2005
The latest wave of cyber-crimes and acts of vandalism have demonstrated once again that many systems are still vulnerable to attack. 15 Apr 2004All Enterprise Security Technology
del.icio.us
Digg this
reddit!
