MSN problem?
- Thread starter Dave D
- Start date
I think it is look:Dave D said:
Worm on MSN Messenger detected
Posted online: Tuesday, February 08, 2005 at 0032 hours IST
CHENNAI: A new computer worm that spreads through the MSN Messenger, an instant messaging platform, is likely to tempt Internet chat users with “sexy” images, an anti-virus software firm warned on Monday.
“The worm attempts to send copies of itself in different file names to all online contacts, pretending to be alluring images,” said Trend Micro, an Internet security software and anti-virus firm, in a press release here. “MSN Messenger users get comical photo of a roasted chicken with a bikini tan line. The worm also bears the AGOBOT worm as part of its payload, capable of opening backdoor on infected systems,” Trend Micro said.
The sightings of the worm have been reported in Taiwan, China, Korea and the US, it said. Upon execution, the memory resident worm (WORM—BROPIA.F) drops a copy of itself in the Windows system folder, and then tries to propagate to other MSN Messenger users by sending a copy of itself under other file names. —PTI
MOre:
New Bropia-worm Variant, Faster and More Dangerous, MSN Messenger Users Beware
AccountingWEB.com - February 08, 2005 - This week, Global Hauri announced a high alert for a fast spreading variant of the Bropia-worm that started spreading out last week. The new Bropia mutation, aka 'Worm.Win32.Bropia.188928' is spreading much faster and is far more devastating for MSN messenger users than its predecessors, Bropia A and C.
Symptoms: A file seemingly sent from a "buddy" is loaded with the virus and infects the PC as soon as it's opened. Remote access hijacks the infected PC. Volume differences and right mouse click might indicate the PC user that "something is wrong here."
Causes:
Once the Bropia infects a system, it resides in the Memory and continues spreading thru MSN Messenger. Bropia is a member of the Rbot family of worms affecting the Windows platform, which installs a backdoor on the system and gives an attacker a way of accessing and controlling the infected system remotely, allowing unauthorized remote access to the infected computer via specific IRC channels while running in the background as a service process. Yet another interesting component of the new Bropia is that it is loaded with a Bot virus component that opens the1294 port.
File Names: The new Bropia copies itself into the system folders and creates one of the following file names:
LOL.scr Webcam.pif
bedroom-thongs.pif>naked_drunk.pif
LMAO.pif
ROFL.pif
underware.pif
Hot.pif
new_webcam.pif
System folders:
The infected system folder can vary, depending on each user's configuration, However, the most common are:
C:\Windows\System (Windows 95/98/Me),
C:\Winnt\System32 (Windows NT/2000),
C:\Windows\System32 (Windows XP)
Remedy:
First, temporarily block out 1294 ports with any firewall. This is not a "spreading" port but the PC might receive an attack order from this port.
"Once you have this virus you are in big trouble. Problem is, the infected file looks just like a message from one of your buddies. The only prevention is to not open any files that come through the messenger and get a good antivirus software. For example, Global Hauri's antivirus engine ViRobot immediately destroys the malicious code even before it can install itself. If not treated, there is a strong likelihood that the virus is 'timed' to launch further attacks in 15 days," explains Eric Kwon, antivirus specialist and CEO of Global Hauri.
New Bropia-worm Variant, Faster and More Dangerous, MSN Messenger Users Beware
AccountingWEB.com - February 08, 2005 - This week, Global Hauri announced a high alert for a fast spreading variant of the Bropia-worm that started spreading out last week. The new Bropia mutation, aka 'Worm.Win32.Bropia.188928' is spreading much faster and is far more devastating for MSN messenger users than its predecessors, Bropia A and C.
Symptoms: A file seemingly sent from a "buddy" is loaded with the virus and infects the PC as soon as it's opened. Remote access hijacks the infected PC. Volume differences and right mouse click might indicate the PC user that "something is wrong here."
Causes:
Once the Bropia infects a system, it resides in the Memory and continues spreading thru MSN Messenger. Bropia is a member of the Rbot family of worms affecting the Windows platform, which installs a backdoor on the system and gives an attacker a way of accessing and controlling the infected system remotely, allowing unauthorized remote access to the infected computer via specific IRC channels while running in the background as a service process. Yet another interesting component of the new Bropia is that it is loaded with a Bot virus component that opens the1294 port.
File Names: The new Bropia copies itself into the system folders and creates one of the following file names:
LOL.scr Webcam.pif
bedroom-thongs.pif>naked_drunk.pif
LMAO.pif
ROFL.pif
underware.pif
Hot.pif
new_webcam.pif
System folders:
The infected system folder can vary, depending on each user's configuration, However, the most common are:
C:\Windows\System (Windows 95/98/Me),
C:\Winnt\System32 (Windows NT/2000),
C:\Windows\System32 (Windows XP)
Remedy:
First, temporarily block out 1294 ports with any firewall. This is not a "spreading" port but the PC might receive an attack order from this port.
"Once you have this virus you are in big trouble. Problem is, the infected file looks just like a message from one of your buddies. The only prevention is to not open any files that come through the messenger and get a good antivirus software. For example, Global Hauri's antivirus engine ViRobot immediately destroys the malicious code even before it can install itself. If not treated, there is a strong likelihood that the virus is 'timed' to launch further attacks in 15 days," explains Eric Kwon, antivirus specialist and CEO of Global Hauri.
MSN Messenger worm raised to medium threat
Scarlet Pruitt, IDG News Service
07/02/2005 08:23:26
Security experts have raised the warning level on a worm that spreads via Microsoft's MSN Messenger, in an effort to slow its crawl through Taiwan, Korea, China and the U.S.
The Bropia.F worm, a variant of the Bropia.A worm detected last month, was raised to a medium-risk threat this week by antivirus firm Trend Micro.
The worm propagates by sending a copy of itself under different file names -- including "bedroom-thongs.pif", "hot.pif" and "naked-drunk.pif" -- to all available or online contacts on an infected user's MSN Messenger list. It also sends and executes a file titled "sexy.jpg", which carries the image of a headless, plucked chicken sunbathing, replete with pronounced bikini tan lines.
Trend Micro recommended that MSN Messenger users block file transfers to slow the worm's spread.
The variant also attempts to drop and execute a bot program, which tries to copy itself into network shared folders and has an antidebugging feature, Trend Micro said. The worm will not run on an infected system if the NT-ice and Softice debugging applications are running.
Additionally, the worm attempts to lower the volume on infected users' machines so they cannot hear audio security threat warnings, according to the antivirus company.
Scarlet Pruitt, IDG News Service
07/02/2005 08:23:26
Security experts have raised the warning level on a worm that spreads via Microsoft's MSN Messenger, in an effort to slow its crawl through Taiwan, Korea, China and the U.S.
The Bropia.F worm, a variant of the Bropia.A worm detected last month, was raised to a medium-risk threat this week by antivirus firm Trend Micro.
The worm propagates by sending a copy of itself under different file names -- including "bedroom-thongs.pif", "hot.pif" and "naked-drunk.pif" -- to all available or online contacts on an infected user's MSN Messenger list. It also sends and executes a file titled "sexy.jpg", which carries the image of a headless, plucked chicken sunbathing, replete with pronounced bikini tan lines.
Trend Micro recommended that MSN Messenger users block file transfers to slow the worm's spread.
The variant also attempts to drop and execute a bot program, which tries to copy itself into network shared folders and has an antidebugging feature, Trend Micro said. The worm will not run on an infected system if the NT-ice and Softice debugging applications are running.
Additionally, the worm attempts to lower the volume on infected users' machines so they cannot hear audio security threat warnings, according to the antivirus company.
it's not a virus, at least i don't think mine says that there is a problem with troubleshoot or somethin like that
yeah i know, im gettin this prob as well >
Just great a 2 hour class and now i have to learn, fuk sakes
Just great a 2 hour class and now i have to learn, fuk sakesApparently it has something to do with the display pic on msn 6 and how hackers can get in quite easily...
We have obtained new details on the previously announced Microsoft Security Bulletins. Core Security Technologies today published a vulnerability in MSN Messenger clients up to version 6. According to the report, using a specially-crafted MSN Display Picture, an attacker could trigger a buffer overflow vulnerability on a contact's computer and execute arbitrary code.
The attack would travel through the established chat session and would pass unnoticed by firewalls, network intrusion detection systems and even host-based personal firewalls and antivirus software. Windows Messenger and Windows Media Player are also affected by this vulnerability.
"This is a critical security flaw since it directly affects more than 130 million users and because the attack is very likely to go unnoticed by the several layers of security countermeasures commonly used today," said Ivan Arce, CTO at Core Security Technologies. "Since initially reporting the flaw, we have been working closely with [Microsoft] and we are pleased to see that a fix is now available."
from www.mess.be
it also says that the Msn 7 beta version is not vulnerable....so if someone needs to get on msn real bad i assume that you can from the beta version
We have obtained new details on the previously announced Microsoft Security Bulletins. Core Security Technologies today published a vulnerability in MSN Messenger clients up to version 6. According to the report, using a specially-crafted MSN Display Picture, an attacker could trigger a buffer overflow vulnerability on a contact's computer and execute arbitrary code.
The attack would travel through the established chat session and would pass unnoticed by firewalls, network intrusion detection systems and even host-based personal firewalls and antivirus software. Windows Messenger and Windows Media Player are also affected by this vulnerability.
"This is a critical security flaw since it directly affects more than 130 million users and because the attack is very likely to go unnoticed by the several layers of security countermeasures commonly used today," said Ivan Arce, CTO at Core Security Technologies. "Since initially reporting the flaw, we have been working closely with [Microsoft] and we are pleased to see that a fix is now available."
from www.mess.be
it also says that the Msn 7 beta version is not vulnerable....so if someone needs to get on msn real bad i assume that you can from the beta version
Taliq
On Probation: Please report any break in the guide
Donate
Back in the day, we used to recieve donations sent as cash in fake birthday cards! Those were the days! I still have some of them, actually.
Now we have crypto.
Ethereum/EVM: 0x9c70214f34ea949095308dca827380295b201e80
Bitcoin: bc1qa5twnqsqm8jxrcxm2z9w6gts7syha8gasqacww
Solana: 8xePHrFwsduS7xU4XNjp2FRArTD7RFzmCQsjBaetE2y8
Now we have crypto.
Ethereum/EVM: 0x9c70214f34ea949095308dca827380295b201e80
Bitcoin: bc1qa5twnqsqm8jxrcxm2z9w6gts7syha8gasqacww
Solana: 8xePHrFwsduS7xU4XNjp2FRArTD7RFzmCQsjBaetE2y8
Members online
No members online now.