Crypto.Ad 728x90

June 12, 2010

Worm spreading via Yahoo Messenger

6:22 PM  bertz_9870  No comments

A worm is spreading via Yahoo Instant Messenger Thursday that tricks people into downloading what they think is a photo from a friend but is instead malware that installs a backdoor on Windows systems and spreads to a victim's IM contacts.

The worm arrives via a message from a contact with the word "photo" or "photos" and a smiley face icon, along with a link to a Web site resembling a Facebook page, MySpace page, or some other page where photos might reside.

If the user clicks on the link on a Macintosh system, an executable file will be downloaded, but no further action will occur. On a Windows system, the executable will download and if the user runs the file, the computer will become infected and the malicious message will be distributed to all of the IM contacts.

"Once run, the worm copies itself to %WinDir%\infocard.exe, then it adds itself to the Windows Firewall List," modifies registry keys, and stops the Windows Updates service, according to Symantec.


If you see this message, don't click "Run."

Symantec detects the malware as W32.Yimfoca and said it affects Windows 98, Windows 95, Windows XP, Windows Me, Windows Vista, Windows NT, Windows Server 2003, and Windows 2000.

"It's very dangerous," Zulfikar Ramzan, technical director at Symantec Security Response, said in an interview. "When you get an IM from someone you know you're more likely to click on it."

The worm drops software onto infected computers that can be used to turn them into zombies on a botnet, he said. But, once that back door is on the compromised system anything really is possible, he added.

BitDefender said in a blog post that the "aggressive" worm is part of a family of worms that can intercept passwords and other sensitive data.

Security firm Bkis also has information on the worm, which has been spreading throughout the week.

Yahoo said in a blog post that it was aware of the issue and working to address it.

"We recently learned of an issue where some users have received spam messages from their contact list. Yahoo Messenger has quickly worked to resolve the situation," the post said. "As always, we recommend that any Yahoo Messenger user who receives a suspicious instant message with a link first IM their friend to ensure the message is legitimate before moving forward. Users should not download executable (.exe) files that are sent through Yahoo Messenger." Internet users should also keep their antivirus up to date, Yahoo recommended.

Source: CNET

Posted in:

0 comments:

Post a Comment


:Disclaimer:+

All content provided on this blogs is for educational purposed Only. All posts are properly credited to its respective author and will not be liable for any misuse, errors or omissions on this information nor for the availability of this information.

Labels

mobile tricks (39) globe tricks (32) Anime manga movie (31) tutorials (31) Internet Tricks (25) Smart tricks (24) globe tattoo tricks (18) facebook cheats (14) free internet (14) mobile applications (14) Bussiness Programs (13) Hacking tools (13) For Windows (11) Affiliates (9) Smart broadband tricks (9) earn money (9) free text (9) mobile streaming (9) psp games (8) Wapmaster tools (7) Work at home (7) airtel tricks (7) hacking tricks (7) operamini handler (7) pc games (7) Cproxy acount generator (6) Cproxy disposable email (6) google tricks (6) mobile games (6) ninja saga cheats (6) openvpn tricks (6) Cproxy ip (5) ce-proxy (5) cproxy (5) faccebook hack (5) globe tatto tricks (5) pc sofware (5) DNS servers (4) Free movie (4) Globe streaming tricks (4) best ptc site (4) facebook hack (4) free calls (4) magic ip for globe (4) mmstricks (4) online games (4) virus tricks (4) Broadband unlocker (3) Free antivirus (3) Latest Gadget (3) List of Opera mini servers (3) Smart streaming tricks (3) Symbian Games (3) Xbox360 games (3) convert youtube video to mp3 (3) cproxy setup (3) facebook connect (3) global ip tricks (3) javascript (3) magic ip (3) psp cheats (3) ucweb handler (3) yahoo mail tricks (3) youtube tricks (3) Cgi proxy (2) DNS (2) Dot tricks for globe (2) Mobile anti virus (2) Php proxy (2) Source viewer beta (2) Sun Cellular Latest News (2) Tv live streaming (2) arethusa vpn tricks (2) chatroom for blogs or website (2) crack software (2) earn more smart/globe load (2) facebook friends (2) free text to all network (2) globe tattoo software (2) html symbols (2) javascript code (2) live streaming (2) online tools (2) opera mini tools (2) pc zone (2) registration keys (2) password cheaters (1) vpn tricks (1) worst pasword (1)

 
back to top