See your link here

Subscribe to our e-mail newsletters
For more info on a specific newsletter, click the title. Details will be displayed in a new window.

Subscribe to Computerworld
40 years of the most authoritative source of news and information for IT leaders.

New IM worms target MSN users

New versions of the Bropia and Kelvir worms appeared yesterday

Paul Roberts Today’s Top Stories

or Other Spam, Malware and Vulnerabilities Stories

March 8, 2005 (IDG News Service) -- Antivirus companies are warning users of Microsoft Corp.'s popular MSN Messenger application about a host of new worms that spread using instant messages (IM) over that network.
New versions of the Bropia and Kelvir worms appeared yesterday and are spreading over MSN Messenger, according to alerts issued by leading antivirus companies. They also warned customers about the first in a new family of worms, dubbed "Sumom" or "Serflog," which also spread over MSN.
The spate of IM worms is evidence that virus writers are finally realizing the potential of the medium to quickly disseminate malicious code, according to one antivirus expert.
IM worms have been gaining popularity in virus-writing circles for months. The Bropia worm, which spreads using MSN Messenger, burst onto the scene in January. New variants from that family of worms have appeared almost weekly ever since.
Bropia has been joined by a number of new worms in recent weeks. Kelvir, which first appeared on Sunday, has already spawned three new variants, according to data from Symantec Corp. MSN isn't the only victim. The Stang and Aimdes viruses spread over America Online Inc.'s AOL Instant Messenger network.
The new worms all target machines that run Microsoft's Windows operating system and steal IM contacts from machines they infect, meaning that victims often receive IM messages containing the virus from friends or acquaintances. The worms also use so-called social engineering tricks, such as vague but familiar-sounding messages and salacious file attachments to get users to open files that install the virus or visit Web pages that install viruses, spyware or Trojan horse programs on the victim's machine.
Kelvir arrives in an MSN message that reads "lol! see it! u'll like it," with a link to a file called "omg.pif" that's hosted on the home.earthlink.net Web server. When recipients click on the link, the virus infects the victim's computer and sends identical messages to all of that user's contacts, according to Helsinki, Finland-based F-Secure Inc.
Serflog, the new IM worm that appeared yesterday, arrives in a blank MSN message with links to one of a number of PIF files that contain the virus, such as "My new photo!.pif," "Topless in Mini Skirt! lol.pif" and "Fat Elvis! lol.pif," Cupertino, Calif.-based Symantec said.
Virus writers have realized that IM is a useful medium for distributing viruses because IM users are inclined to look at or click on IM messages that pop up on their computer desktop, said Gregg Mastoras, a senior security analyst at U.K.-based Sophos PLC.
Many IM users are also relatively new to the technology, compared with e-mail, and are less aware of the threat of IM viruses than they are

Continued...
1 | 2 | NEXT

Reprinted with permission from

IDG.net
Story copyright 2008 International Data Group. All rights reserved.

Print this Story

Send Us Feedback

E-mail this Story

Digg this Story

Slashdot this Story

"The recent attacks in Mumbai were carried out by assailants using high tech methods. It’s just another way in which..." Read more...

Read more Security posts or See all Blogs

	Virtually every Windows PC at risk, says Secunia
	License server glitch exposes SonicWall users to e-mail security threats
	Transmitting data from the middle of nowhere
	More top stories...

	Moving to a start-up? Fasten your seatbelt
	In high-tech schools of the future, Facebook in class is boosted -- not banned
	Clues point to Jan. 13 release of Windows 7 beta

Review: The new MacBook Air, now with extra SSD goodness

Thin as ever, the latest Air offers up to twice the storage and snappy performance.

Cool Stuff: Your 2008 Holiday Gift Guide

We've got an array of economical, expensive, and just plain weird tech gifts for your friends and family.

Massive botnet returns from the dead, starts spamming

The spam-spewing 'Srizbi' botnet that was shut down two weeks ago has been resurrected and is again under criminal control, say security researchers.

Elgan: Why you can't trust 'friends' on Facebook

Facebook is popular and growing -- especially with criminals. Here's why they love it.

Windows 7

Get the latest news, reviews and more about Microsoft's newest desktop operating system

2008 Salary Survey

Find wage data for 50 IT job titles.

All Zones
Business Continuity Zone
The File Data Management Zone
Security Management Zone
The SAS Zone
Business Intelligence and Analytics Zone
The Enterprise Search Zone
Software as a Service Zone
The Security Zone

See your link here

Moving to Windows Vista: The Promise, The Reality

Moving to Windows Vista: The Promise, The Reality
View this exclusive webcast today!

Go to the webcast

Managing Mobile Data with Endpoint Security for Laptops

Download this white paper now, compliments of Computerworld and Absolute Software.
(Source: Absolute Software) A NetworkWorld survey of IT professionals found that only 1 in 100 employees consistently follow data security policy. This paper outlines endpoint security for laptops that restricts data access beyond encryption to safeguard against insider threats and user error.Read this whitepaper to learn lessons from recent data breaches, limitations of traditional data security, and how to remotely wipe out data and monitor computers that go off the network.

Download this executive briefing

Record Capacity for Microsoft� Exchange 2007 With VMware and IBM System x3850 M2

Download this white paper today!
(Source: VMware) The more that e-mail becomes an entrenched IT infrastructure application, the more that messaging administrators face numerous--sometimes conflicting--demands in the categories of availability, flexibility and cost. Employing a virtual solution can help avoid expensive over-provisioning of server computing resources, while improving management and disaster recovery. And ultimately, it can more than double the number of supportable Exchange 2007 users, as compared to a non-virtualized environment. This whitepaper explains how to break down the scalability barrier and respond faster to your mail system needs.

Download this white paper

White Papers

Read up on the latest ideas and technologies from companies that sell hardware, software and services.

	The Importance of Application Management
	Dell Client Migration and Deployment Services
	Windows� Enterprise Data Protection with Symantec Backup Exec"

View more whitepapers

XenServer FREE trial
Citrix XenServer is the simplest and most effective way to virtualize and provision servers. XenServer combines comprehensive server virtualization capabilities with unparalleled scalability, performance, economics, and ease-of-use. Based on the open source Xen hypervisor, XenServer delivers fast performance, easy management, and advanced features such as live migration.

Request free trial now

Sponsored Links

Learn about the new breed of mobile technologies and services and how to pick the right devices and software for your needs.

Citrix NetScaler 9 - Slash server costs by 60%

Brocade HBAs are the smarter way to connect servers to storage. Learn more at:

Join Tech OnTap: NetApp's monthly technical newsletter.

Beyond consolidation: five reasons why you should start virtualizing

Renowned Engineering Institution Chooses AMD Processor-Based Servers

Defy the laws of reporting - introducing Crystal Reports(R) 2008. Discover it now.

See the power of the new Quad-Core AMD Opteron" processor.

Kodak i600: Easy on your operators and your bottom line. Learn more about the i600 now.

Samsung Printing Solutions--control workflow, costs and operations

What can you do with two monitors and your laptop? See more&

Not All QSAs Are Created Equal: What You Should Know Before You Buy

The arrival of Serial Attached SCSI (SAS) marks a new era in storage scalability

The AMD Virtual Experience Virtual Trade Show

Microsoft SQL Server 2008. Read Case Studies & Try for Free.

Instant server virtualization. Free download!

Rackspace: The True Value of a Hosting Provider

Predict the future with HP Insight Power Manager

How-to video: Smart steps to efficient power management

SYMANTEC IS EMAIL ARCHIVING: Enterprise Vault - Free EMAIL HEALTH CHECK

Learn how the new Quad-Core AMD Opteron(TM) processor improves performance

HP StorageWorks products - control, consolidation and confidence.

Save up to 64% plus 3 FREE Gifts from Omaha Steaks.

The Future is Fusion. Only from AMD. See our video to learn more.

Intercept Spam & Viruses With MessageLabs

Leverage Your Cisco infrastructure for Superior Application Performance

Learn about the AMD Virtual Experience

Introducing: Project Icebreaker

About Us Advertise Contacts Editorial Calendar Help Desk Jobs at IDG Privacy Policy Reprints Site Map

CIO

Computerworld

CSO

DEMO

GamePro

Games.net

IDG Connect

IDG World Expo

Infoworld

The Industry Standard

ITworld

JavaWorld

LinuxWorld

MacUser

Macworld

Network World

PC World

Playlist

Copyright © 2008 Computerworld Inc. All rights reserved. Reproduction in whole or in part in any form or medium without express written permission of Computerworld Inc. is prohibited. Computerworld and Computerworld.com and the respective logos are trademarks of International Data Group Inc.

	Virus and Vulnerability Roundup
	Finance
	Security
	Computerworld Daily News (First Look and Wrap-Up)
	Computerworld Blogs Newsletter
	The Weekly Top 10