Important Spam Update

Feb 06, 2009 16:05


This is a bad week for Virus / Worms /rogues etc. If you or any of your family use Facebook or MSN Messenger please read the following, it might save you from some grief and save some money.

MSNWorm.FU is a worm that spreads through MSN Messenger. To do so, it opens conversations with the infected user’s contacts and offers them a file as if it were a photo for the contact to accept and consequently become infected. The file is sent together with sentences such as:

“me puedes marcar en esta foto de facebook?” (can you tag me in this facebook photo) “me cerraron mi cuenta por subir esta foto. si esta muy mal?” (they closed my account for loading this photo. Is it that bad?) “viste esta super fiesta de año nuevo?” (check out the New Year party) “toma, esta perfecta esta foto como wallpaper” (here, this photo is perfect as wallpaper)

The file is usually compressed in a .zip file to avoid being detected by the Messenger.

DirDel.A is a worm that reaches computers with a folder icon, to fool users into running it. When run, it does not display any message or open any folder. This malware replaces folders in different directories with a copy of itself. For example, if there is a folder called Example, it creates a copy of itself in the same directory called Example.exe and deletes all the original folders and their content.

This worm spreads by copying itself to all the system drives and shared folders.

P2PShared.AB reaches computers disguised as an email file, with names related to trademarks, such as Ikea.exe. To spread, it copies itself onto the shared files of P2P programs, with names of programs, disks, and so on. For example:

Youtube Music Downloader 1.0.exe

Absolute Video Converter 6.2.exe

FOOTBALL MANAGER 2009.exe

Password Cracker.exe

This worm also spreads via email by sending spam emails with subjects such as You´ve received a Hallmark E-Card, and an attached file called postcard.zip which contains malware. See image here



In addition, this week PandaLabs has informed about a new phishing attack used by Facebook as bait. French users received a message inviting them to view specific content in Facebook. When they did, they were redirected to a fake Facebook page, similar to the original. Any details they entered were sent to cyber-crooks.

More information here:
http://pandalabs.pandasecurity.com/archive/Facebook-Phishing-Site-Targets-French-Users.aspx


You can thank my friend David Anderson at Technically Yours for this information.


Share on Facebook

Originally published at An unbiased street view with curb appeal. You can comment here or there.

blogging

Previous post Next post
Up