±Recent Visitors

Recent Visitors to Com-Central!

±User Info-big


Welcome Anonymous

Nickname
Password

Membership:
Latest: HighestAce
New Today: 0
New Yesterday: 0
Overall: 6648

People Online:
Members: 0
Visitors: 257
Total: 257
Who Is Where:
 Visitors:
01: Home
02: Community Forums
03: Photo Gallery
04: Downloads
05: Community Forums
06: Community Forums
07: Community Forums
08: Home
09: Home
10: Community Forums
11: Your Account
12: Community Forums
13: Photo Gallery
14: Community Forums
15: Downloads
16: Community Forums
17: Home
18: Community Forums
19: Home
20: Member Screenshots
21: Community Forums
22: News Archive
23: Community Forums
24: Home
25: Community Forums
26: Home
27: Community Forums
28: Downloads
29: Community Forums
30: Community Forums
31: Downloads
32: Community Forums
33: Home
34: Member Screenshots
35: Community Forums
36: Home
37: Community Forums
38: Home
39: Community Forums
40: Home
41: Downloads
42: Home
43: Community Forums
44: Home
45: Photo Gallery
46: Community Forums
47: Community Forums
48: Home
49: Statistics
50: Community Forums
51: Home
52: Community Forums
53: Home
54: Home
55: Home
56: Home
57: Community Forums
58: Community Forums
59: Community Forums
60: Downloads
61: Community Forums
62: Home
63: Home
64: Community Forums
65: Statistics
66: Community Forums
67: Home
68: Home
69: Home
70: Community Forums
71: Home
72: Photo Gallery
73: Community Forums
74: Community Forums
75: Member Screenshots
76: Community Forums
77: Home
78: Home
79: Downloads
80: Community Forums
81: Home
82: Your Account
83: Home
84: Community Forums
85: Home
86: Community Forums
87: Home
88: Home
89: Community Forums
90: Member Screenshots
91: Home
92: Community Forums
93: Community Forums
94: Community Forums
95: Home
96: Community Forums
97: Home
98: Home
99: Your Account
100: Community Forums
101: Home
102: Community Forums
103: Community Forums
104: Downloads
105: Downloads
106: Community Forums
107: Home
108: Community Forums
109: Home
110: Community Forums
111: Home
112: Home
113: Community Forums
114: Home
115: Home
116: Community Forums
117: Community Forums
118: Community Forums
119: Home
120: Home
121: Community Forums
122: Home
123: Home
124: Home
125: Community Forums
126: Home
127: Community Forums
128: Downloads
129: Home
130: Downloads
131: Home
132: Member Screenshots
133: Community Forums
134: Community Forums
135: Community Forums
136: Member Screenshots
137: Community Forums
138: Community Forums
139: Home
140: Community Forums
141: Community Forums
142: Downloads
143: Community Forums
144: Community Forums
145: Home
146: Community Forums
147: Community Forums
148: Home
149: Home
150: Member Screenshots
151: Community Forums
152: Community Forums
153: Home
154: Community Forums
155: Community Forums
156: Photo Gallery
157: Community Forums
158: Downloads
159: Home
160: Community Forums
161: Home
162: Community Forums
163: Community Forums
164: News
165: Community Forums
166: Community Forums
167: Home
168: Community Forums
169: Home
170: Community Forums
171: Community Forums
172: Home
173: Community Forums
174: Home
175: Community Forums
176: Downloads
177: Home
178: Community Forums
179: Home
180: Home
181: Community Forums
182: Community Forums
183: Member Screenshots
184: Home
185: Community Forums
186: Community Forums
187: Community Forums
188: News Archive
189: Community Forums
190: Community Forums
191: Downloads
192: Community Forums
193: Home
194: Community Forums
195: Community Forums
196: Home
197: Home
198: Home
199: Community Forums
200: Community Forums
201: Community Forums
202: Community Forums
203: Community Forums
204: Community Forums
205: Community Forums
206: Home
207: Home
208: Home
209: Community Forums
210: Home
211: Community Forums
212: Home
213: Home
214: Community Forums
215: Community Forums
216: Community Forums
217: Community Forums
218: Community Forums
219: Home
220: Community Forums
221: Community Forums
222: Home
223: Community Forums
224: Home
225: Home
226: Community Forums
227: Home
228: Community Forums
229: Home
230: Home
231: Community Forums
232: Downloads
233: Community Forums
234: Home
235: Home
236: Community Forums
237: Community Forums
238: Member Screenshots
239: Member Screenshots
240: Community Forums
241: Community Forums
242: Community Forums
243: Community Forums
244: Community Forums
245: Community Forums
246: Community Forums
247: Community Forums
248: Community Forums
249: Downloads
250: Home
251: Community Forums
252: Home
253: Home
254: Community Forums
255: Home
256: Member Screenshots
257: Community Forums

Staff Online:

No staff members are online!
MSN VIRUS WARNING :: Archived
A general meeting place for all pilots!
Post new topic    Revive this topic    Printer Friendly Page     Forum Index ›  Officer's Club

Topic Archived View previous topic :: View next topic  
Author Message
Shadow_Bshwackr
Janitor

Offline Offline
Joined: Jan 21, 2005
Posts: 7019
Location: Central Illinois, USA
PostPosted: Tue Nov 20, 2007 4:36 pm
Post subject: MSN VIRUS WARNING

New MSN Messenger Trojan Spreading Quickly
By Lisa Vaas
November 18, 2007


An MSN Messenger Trojan is growing a botnet by hundreds of infected PCs per hour.


A Trojan is introducing malware into thousands of computer systems worldwide, and the number is growing by the hour.

The malware is being introduced by MSN Messenger files posing as pictures, mostly seeming to come from known acquaintances.

The files are a new type of Trojan that has snared several thousand PCs for a bot network within hours of its launch earlier on Nov. 18 and is being used to discover virtual PCs as a means of increasing its growth vector.

The eSafe CSRT (Content Security Response Team) at Aladdin—a security company—detected the new threat propagating around noon EST on Nov. 18. At 18:00 UTC (Coordinated Universal Time), eSafe had detected 1 operator and more than 500 on-command bots in the network. Less than three hours later, or by 2:30 EST, when eWEEK spoke with Roei Lichtman, eSafe director of product management, the number had soared to several thousand PCs and was growing by several hundred systems per hour.

eSafe is monitoring the IRC channel used to control the botnet. The only inhabitants of the network besides the operator are in fact infected PCs.

The Trojan is an IRC bot that's spreading through MSN Messenger by sending itself in a .zip file with two names. One of the names includes the word "pics" as a double extension executable—a name generally used by scanners and digital cameras: for example, DSC00432.jpg.exe. The Trojan is also contained in a .zip file with the name "images" as a .pif executable—for example, IMG34814.pif.

The files are infiltrating new systems by using either known contacts from which the Trojan has harvested instant messaging names, as well as from the systems of unknown users.

The infection vector—an IM program—isn't new. But the Trojan is the first that eSafe has tracked that has tried to scan for VNC (Virtual Network Computing) instances, likely in order to multiply the botnet's number of connections.

Lichtman said that the Trojan shares common characteristics with other Trojans, looking like "a flexible Swiss Army knife" with multiple processes to steal passwords, to spread the infection and to deliver spam, for example.

The move of malware to VMs (virtual machines) won't surprise those who've been studying the security aspects of this new, red-hot technology. Some of the things that keep them up at night include the possibility of "VMware escape," which is where malware breaks out of a VM and onto the host operating system, which would enable an attacker to potentially install a rootkit, among other things.

David Lynch, vice president of marketing at Embotics, said a more immediate potential threat is virtual appliances: As software delivery mechanisms move to delivering VMs through virtual appliances, they're bringing in a black box of unknowns to the data center, Lynch told eWEEK at a presentation at Interop Oct. 23.

"Virtual appliances run who knows what kind of operating system, with heaven knows what level of hardening and with the potential to introduce backdoors," he said.

Lynch counseled administrators to question the processes for patching the relevant operating system and application set, as well as to learn who will do security maintenance work, as these appliances are put in place.

Given the familiar social engineering aspect of the attack, individuals are being urged to not open files sent unexpectedly from either friends or strangers.

eSafe hasn't determined what criminal activity the botnet is up to at this point.

Please watch out for this one everyone... Wink
Back to top
View user's profile Visit poster's website Photo Gallery
HF_SlowHand
Power User

Offline Offline
Joined: Aug 27, 2005
Posts: 767
Location: Meeechigan
PostPosted: Tue Nov 20, 2007 4:37 pm
Post subject: Re: MSN VIRUS WARNING

glad I dumped aLL MY IM's after CFS1...

thanks CC for hosting COMS so we dont have to use IM to see who is online...

_________________
I deny everything
I lie about everything
And everything I deny
Is a lie!
Back to top
View user's profile Send e-mail Visit poster's website
Shadow_Bshwackr
Janitor

Offline Offline
Joined: Jan 21, 2005
Posts: 7019
Location: Central Illinois, USA
PostPosted: Tue Nov 20, 2007 5:32 pm
Post subject: Re: MSN VIRUS WARNING

That brings up an interesting point Slow...

We can put a chat feature on CC that would be like using an IM from within the site. We've never done it 'cause most use their own IM's. But, this would be one way to 'see' who's online or at least who's online at CC. Smile
Back to top
View user's profile Visit poster's website Photo Gallery
A1Trigger_Happy
Power User

Offline Offline
Joined: Jan 30, 2006
Posts: 778
Location: Alabama, USA
PostPosted: Wed Nov 21, 2007 1:29 am
Post subject: Re: MSN VIRUS WARNING

Intresting read and intresting idea.
Back to top
View user's profile
Display posts from previous:   
Post new topic    Revive this topic    Printer Friendly Page    Forum Index ›  Officer's Club
Page 1 of 1
All times are GMT - 6 Hours

Archive Revive
Username:
This is an archived topic - your reply will not be appended here.
Instead, a new topic will be generated in the active forum.
The new topic will provide a reference link to this archived topic.