A new Internet worm is squirming through Microsoft Corp.s popular MSN Messenger chat network, anti-virus vendors warned on Thursday.
The latest threat comes follows Octobers Funner worm attack and signals a growing trend to use instant messaging as a delivery mechanism for malicious activity.
According to an advisory from F-Secure, the new W32/Bropia-A worm users MSN Messenger to lure users into downloading one of the following files: “Drunk_lol.pif”; “Webcam_004.pif”; “sexy_bedroom.pif”; “naked_party.pif”; or “love_me.pif.”
Once executed, Bropia-A also drops a variant of the Rbot backdoor Trojan. Rbot represents the large family of backdoors fitted with the ability to control a victims machine remotely by sending specific commands via IRC channels.
F-Secure warned that the bot can also be used to hijack system information, log keystrokes, relay spam or steal sensitive data. Bropia.A can also disable a mouses right button and manipulate Windows mixer volume settings, according to the company.
Sophos, a Lynnfield, Mass.-based anti-virus firm, also issued an advisory for the newest MSN Messenger threat, warning that an infected computer will attempt to spread the worm to all active MSN contacts.
The MSN Messenger window has to be open on the infected computers desktop for replication to be successful.
Instant messaging platforms have become a happy hunting ground for virus writers because of the personalized aspect of communication. In most cases, users are tricked into accepting a malicious download because it came from a trusted friend or contact on a buddy list.