Posted on 03/07/2005 3:27:17 PM PST by RebelTex
New worms spreading through MSN Messenger -- and its bundled-with-Windows Windows Messenger version -- via links to a malicious site are infecting users and leaving their PCs open to hacker hijack, security vendors reported Monday. The new worms, tagged as Kelvir.a and Kelvir.b, appeared over the weekend and on Monday, respectively, anti-virus vendors said. Both use the same mechanism to attract users and infect Windows-based PCs: they include a link in the instant message. That link, in turn, downloads a malicious file -- the actual worm, a variant of the long-running Spybot -- which opens a backdoor to the compromised machine.
Kelvir spreads by sending itself to all the MSN/Windows Messenger contacts on the infected PC, and poses as cryptic messages such as "lol! see it! u'll like it!" and "omg this is funny!" The link opens a .pif-formatted file.
.pif files are also often a format-of-choice for mass-mailed worms.
Also on Monday, another worm -- dubbed Sumon.a by U.K.-based Sophos -- was discovered spreading via MSN/Windows Messenger. Sumon, which propagates over peer-to-peer file-sharing networks as well, is much more aggressive. It disables a long list of security software, tries to overwrite the HOSTS file so commonly-accessed security Web sites can't be reached, and picks from a large number of links, including "Fat Elvis! lol!" and "Crazy frog gets killed by train!" to entice downloads.
(Excerpt) Read more at techweb.com ...
She is. Thanks.
Thanks. I've had that for several years. Steve Gibson is one smart dude. I bought his Spinrite when it first came out and have kept it upgraded - I now have version 6. He's got lots of cool freebies, too.
LOL - I'm like you, waiting for everyone else to try it & report all the bugs and problems installing it.
LOL - so am I.
Don't you ever get tired of shilling for Apple, Mac boy? How much are they paying you, anyway?
Don't you ever get tired of shilling for Microsoft, XPboy? How much are they paying you, anyway?
Don't you ever get tired of shilling for the highest bidder, Petronski?
LOL
That's all you got?
Better summon a supervisor.
I'll just keep using Trillian, thanks. Much better than running four different IM services.
The Clintonistas think I'm a paid Republican operative. Michael Rivero accused me of being on the CIA payroll. Bush2000 thinks I'm a hired shill for Apple. Unfortunately, I've never received a penny from any of those organizations.
I'm still laughing about that little comment !
For your sake, I hope she doesn't read your posts on FR.
She's a good gal, with a thoroughly nasty sense of humor... while we try to keep out public appearance G or R-rated, most conversations around the house sound like a cussing match between a soldier and a Barbary Pirate. I usually call her "Queeny" ( a reference to her position at work- while technically second in command, she really runs the place ) or "Witchums" ( the affectionate form of Witch... ) and most of her nicknames for me are unprintable...
LoL coming from a MS employee.
I bet I know what the f stands for...
Fatal Exception 0E Has Occurred at 0028:c02c1085 in Vxd IOS(04) + 000020f9 ?
No, but keep hanging crap code on Failed architecture and guess again blue badge.
I feel your pain.
bttt
Disclaimer: Opinions posted on Free Republic are those of the individual posters and do not necessarily represent the opinion of Free Republic or its management. All materials posted herein are protected by copyright law and the exemption for fair use of copyrighted works.