Messenger worm prowls the Web

Pro

1 April 2005

A new worm currently infecting computers is able to do so by exploiting a known flaw in the MS Internet Explorer browser in order to spread itself using MSN Messenger. The worm has been named JS.Menger.Worm by Symantec and CoolNow by F-Secure. 

The worm arrives in the form of an instant message containing a URL and urging the user to visit the URL now. The Webpage contains malicious JavaScript code that sends the Website’s URL, or those of other Websites containing the code, to the addresses on the user’s Messenger list. 

The virus doesn’t seem to damage the user’s system, and can be removed. 

An example of how to use an IE weakness to take over MSN Messenger was recently published and experts believe the worm is a modified version of this.

However, the authors of the original code did not intend for it to be used in this way; they wanted to put pressure on Microsoft to fix the vulnerability. The company has now released patches to fix the flaw. 

Last summer, a virus called W32/Jerrym also spread via MSN Messenger. Pretending to be a real person, it sent a message to users asking if they wanted to see ‘their’ latest picture. If they agreed, a file was sent back. Accepting the file infected the user’s PC. Luckily, the virus wasn’t destructive.

Read More:


Back to Top ↑

TechCentral.ie