Saint_Michael 3 Report post Posted May 25, 2007 Well if you all remember a few months back I made a topic about the skype worm here, well it seems to have busted out two clones one for ICQ and for MSN. the new variation showed up sometime at the beginning of the week for these two networks and if memory serves me correctly and it usually does, these two messenger networks are huge. Now in order for this worm to be activated a user must click on a link and once they do that the worm will start sending messages to your contact list and get others to click on that link as well. Although security experts rate this as a low risk worm, over the course of the year they have seen hundreds of variations to the worm and having a hard time keeping up with it. But what is really interesting is that network jumping worms have happen before but as this quote mentions about the surprise he saw in doing so. Instant message worms have spread from network-to-network in the past, but this is the first time Boyd has seen a worm jump from Skype to another network."It's an odd system to make, because these guys have a foot in the door [in the Skype network]," he said. "You think they'd focus all their energies onto exploiting Skype." So if you see a funky message on either MSN or ICQ with a link don't click it and you will be fine.SOURCEHERE Share this post Link to post Share on other sites
truefusion 3 Report post Posted May 26, 2007 You know, these "worms" i find interesting. How do they manage to execute themselves just by clicking a link? Where are they stored at, from where do they operate from? Is it limited to the IM client; does it integrate itself with it? Does it IM people from a remote or local source? Does it aquire ones password during execution? Some of these questions could have been answered in the articles provided; however, my laziness precedes me, therefore causing ignorance. I remember clicking on those links in IM messages, "This person looks just like you! Click here!" and didn't get infected—of course, i wasn't silly enough to execute the program that came with it. Share this post Link to post Share on other sites
Galahad 0 Report post Posted May 31, 2007 (edited) Great questions truefusion... I'm also too lazy, and didn't bother reading those articles... I use both Skype, MSN, ICQ, Yahoo, Odigo, and most fo the other messengers... And I have never even seen any of those worms... I never received a strange looking message on MSN, while they are most numerous on Yahoo, from unknown sources, usualy marketing some porn sites, and other, but I have never clicked a link that came with the message... On ICQ, I get mostly authorisation requests, from strange people, asking to add me to their list, which I ofcourse decline, and immediately add them to my ignore list...As I'm a software developer, I think I know a bit about computers and how they work... Usualy, most of the articles have a lot of missinformation in them... One can't be infected by something, just by clicking on the link... You can click on the link, and download a program, a script or something, and THEN get infected... And if the IM client has some sort of voulnerability that you can create some sort of a link with embeded script or something, then it's a major flaw in the system...So people, don't be afraid to click on some link you receive from your friends, just be carefull what you download from the net, even if it appears to come from a trusted firend...If you receive a link that looks like http://forums.xisto.com/no_longer_exists/ or anything like that, I would recommend NOT clicking on it... If you don't have that person on your contact list, also, block it, or add it to the ignore list... Also, when someone sends you a file, stating "Hey, this is my new picture, do you like me?" or anything like it, and that person is not on your list... Block it, it's most likely some sort of a virus, masked as a picture... I have seen a tons of programs, that have a ACDSee JPEG icon as it's own, and a double extension like image001.jpg.exe... You would see it as image001.jpg, with ACDSee's icon, and figure "Hey, it's an image, what could happen?"... But you would actualy be starting a (most likely) malicious program... Luckily, most of new abti-virus and anti-spyware programs, have implemented checks for double extension of files...While on the net... Just... Use your brain... Just a little Edited May 31, 2007 by Galahad (see edit history) Share this post Link to post Share on other sites
FLaKes 0 Report post Posted May 31, 2007 I have seen these worms in msn many times. Whenever you get a funky message just dont click on it and everything is fine, usually when a friend sends me a link he usually tells me what it is about, and when it just appears and is a really wierd message that I know he wouldnt send me. That is how I find out if the message was really written by my friend or not Share this post Link to post Share on other sites