trojan tramite ms messenger....è possibile??

[doctorwho]

ho sentito dire in giro che ci sono dei trojan che si diffondono tramite msn messenger, la notizia è fondata?? se si quali espedienti bisongerebbe adottare??

[Flying Luka]

http://www.wintricks.it/forum/showth...threadid=84035

[Thor]

Quota:

Originariamente inviato da Flying Luka
http://www.wintricks.it/forum/showth...threadid=84035

(Y)

ogni tanto fate un salto in home, people..ci son delle news interessanti!

[danidest]

Ciao,
questo è l'ultimo (scoperto ieri pomeriggio da Trend Micro) Ti ho allegato la descrizione in inglese, se non lo capissi ti riassumo la situazione in 2 parole:
si propaga via Msn ed EMule, tramite i contatti di Messenger presenti nel pc infetto spedisce un link infetto.
In pratica prima di accettare files o links da chiunque è meglio chiedere conferma al mittente:
Peccato, fino a poco tempo fa messenger era immune da schifezze!
Ciao.



WORM_FATSO.A propagates in two ways: via MSN messenger and via eMule peer-to-peer file sharing application.

It spreads copies of itself to all online MSN messenger contacts of an affected system by sending an instant message containing a link, which, when clicked, downloads a copy of this worm into the recipient's system.

This worm also has the ability to propagate via eMule, a known peer-to-peer (P2P) file sharing application that has arguably overtaken other similar applications like KaZaA, Bearshare and Limewire. It drops copies of itself in the eMule shared folder of the affected system.

It is capable of redirecting infected users to a certain Web site, which as of this writing, is already not available. It does this whenever the user accesses Web sites that are associated with antivirus and security companies. It may also terminate certain running processes and prevent these processes from executing again while this worm is resident in memory.

This worm also opens a notable text file, which displays the following details:

Hey LARISSA fuck off, you fucking n00b!.. Bla bla to your fucking
Saving the world from Bropia, the world n33ds saving from you!

'-S-K-Y-'-D-E-V-I-L-'

This message is allegedly addressed to the author of WORM_ASSIRAL.A, self-proclaimed creator of anti-BROPIA worms. As a payload, WORM_ASSIRAL.A proclaimed that its author was "freeing the world from BROPIA". This worm was known to terminate BROPIA-related processes.

WORM_FATSO.A now insults the author of WORM_ASSIRAL, accusing him/her of being a "noob" (a "newbie", or an inexperienced person, specifically a programmer). This could be due to the fact that WORM_ASSIRAL used SMTP, a relatively "old" and conventional means of propagating worms.

Whether the authors of the BROPIA variants and WORM_FATSO.A are related, or one and the same person, remains to be seen. However, one thing is quite certain: MSN Instant Messenger (IM) worms are fast becoming the malware of choice among worm creators, and this can be attributed to the fact that the code for MSN propagation has already been posted in virus writers' forums.