Microsoft Instant Messenger Virus Sweeps Net 401
Sequence: Get messaged "Go To http://www.masenko-media.net/cool.html NoW !!!" or something similar with another URL. Follow the link. That webpage contains malicious code which gets your messenger contacts and sends a similar message to your contacts. It looks like it uses a vulnerability in formmail.pl as well, although I'm not exactly sure how (I'm not an expert in ECMAscript, sorry, and I have no systems that could possibly be affected by this to test with). I'm sure some of our readers can provide more information in the comments below.
There appear to be several webpages which carried the infected code, not just masenko-media.net. Some webmasters are already taking them down.
Sophistication: moderate. Damage: only your pride.
Solution: probably the latest mega-patch for Internet Explorer will fix the Microsoft bug that allowed this.
Risks: obviously, the code could have done worse than just messaging your contacts. With Microsoft making "messaging" an integrated part of the operating system, any flaws in it can be exploited to affect millions of people instantly, so it is a high-value target. Does it have commensurate high-strength security?
this didn't infect me.. (Score:2, Funny)
Well, that's one less effectual site for vectoring (Score:5, Funny)
Someone post more links to the other vector pages, if we can't get them down any other way we'll bum-rush em
in the eye of the beholder (Score:3, Funny)
ToO mAnY cApS!!!11 (Score:5, Funny)
what's the url? (Score:4, Funny)
Kinda funny.. (Score:5, Funny)
Finally! (Score:5, Funny)
Can anybody tell me where I can sign up for one of those Passport Universal Identifier and Cybercash Wallets and get the MS implant in my right hand or forehead?
Microsoft Article Virus Sweeps Slashdot (Score:3, Funny)
It could be worse... (Score:4, Funny)
"Go To http://www.goatse.cx NoW !!!"
Imagine if your friends suddenly knew not only that you were gullible enough to fall for a virus like that, but that you had seen that site...
Re:what's the url? (Score:3, Funny)
That reminds me, I wish MSN had tone markup's..
they've got enough of those dumb smiley faces.
Oops (Score:3, Funny)
Re:The solution... (Score:1, Funny)
No, but that's a good start.
Month half over (Score:4, Funny)
I hope that the virus writers... (Score:2, Funny)
Don't they know that virus making will soon be considered a hate crime? [satirewire.com]
On another note, I wonder how many victims of the Warhol virus also caught this recent virus. [bbspot.com]
In related news (Score:4, Funny)
E-mail inboxes were flooded with messages this morning as a new virus quickly spread around the world. Dubbed "Don't Fucking Open Me" by anti-virus researchers, the infected e-mail follows a similar course to other viruses and replicates by sending itself out to everyone in the infected computer's Outlook and Outlook Express address book. The virus also contains two different payloads: one version formats the hard drive and displays the message "This is for your own good"; the other payload creates random Power Point presentations in the "My Documents" folder.
Savvy users can spot the virus by its subject which is "Don't Fucking Open Me" or by the attachment which is entitled "Don't_Fucking_Open_Me.exe".
"This virus tricks the user with an old psychological tactic called reverse psychology. Apparently the curiosity created by the message has been too much for thousands of users," said anti-virus researcher Bob Atibop. According to Atibop, this isn't the first time reverse psychology has been used. In 1998, the "Don't Pee on Your Keyboard" worm caused a flood of damage.
Researchers have seen large infection among AOL users and middle managers, the two largest concentrations of naive and inept computer users.
Claudia Hawkins who was infected by the virus said, "My son told me not to open attachments, but.... I mean my MOM sent it! What if she was hurt?!?"
Another infected user too embarrassed to reveal his name said, "I thought that there was no way that this could be a virus. What kind of stupid idiot virus writer would put a dumb title on it like that? No one would ever open something that says not to open it. The virus would never spread defeating the whole purpose of it."
Experts advise extreme caution when opening messages entitled "Don't Fucking Open Me" or "Click Here for Cash and Virus Infection".
People clicking on links... (Score:5, Funny)
I just visited my friend's brother to pick up a used telescope. His brother's system is down because he clicked on a link in an email that said something like "pictures of me naked."
When I told him that anything like that was obviously a worm or some kind of scam, he responded: "But it was from a girl who DOES send me pictures of herself naked!"
Didn't know what to say to that.
The joys or irony... (Score:2, Funny)
< What is
You gotcher answer, folks.
Re:Well, that's one less effectual site for vector (Score:1, Funny)
Re:interesting article on the reg (Score:5, Funny)
You're artificially restricting the sphere of possible solutions to things that might help, which is intellectually honest. Shame on you.
In ancient Sumeria, they used to execute architects when the buildings that they constructed collapsed. By the same token, we should kill some people.
If we've learned one thing from the 20th century, it is that big government is inefficient. Therefore, the killings should be handled by the private sector.
The proceedings against MS are criminal, in addition to civil. In a criminal proceeding, the judge is perfectly justified in issueing fatwas against MS programmers who write buggy code - this is a well established precept of Sharia.
Thus, I've proven that the free market will take care of MS on it's own, punishing it for buggy programming - through highly paid mercenary assassins, with EULAs to kill.
I want to test and see if anyone reads their EULAs. Distribute a piece of software with an EULA that says, about halfway through-
"By installing this software, you agree to take up arms in defense of (company name), march to the fastness of her foe, and slaughter her enemies. Please register the software so that we can give you your orders."
Duhhhh... Why not... (Score:5, Funny)
cheap shot (Score:2, Funny)
Re:CAPITALS ARE GOOD (Score:5, Funny)
Is that the Yahoo! version of COBOL?
Re:Warhol? worm (Score:3, Funny)
Re:this didn't infect me.. (Score:1, Funny)
Re:People clicking on links... (Score:5, Funny)
Well, duh. Two words:
"Prove it!"
Re:Not a Messenger flaw (Score:3, Funny)
On all 5000 desktops of your corporation.
Only the paranoid will survive... (Score:3, Funny)
"Sorry, there was an error in the script.
This may well be due to your IE security settings - try resetting them to default and trying again.
..."
IE6 is much better when it comes to security and privacy than IE5.