Content

IM virus surge marks new criminal turf war

An increase in the number of instant messenging (IM) viruses marks the start of a new war between virus writers, according to a virus expert.

"We have recently seen several IM viruses and worms containing taunts to other virus writers and each one is trying to remove the others," said Mikko Hypponen, director of anti-virus research at F-Secure.

Two new variants of the Bropia worm have been spotted in the wild in the last week. Hypponen said the Assiral worm, also on the loose, tries to remove these variants. Another worm, called Sumom, tries to remove Assiral and makes a number of derogatory remarks about the writer of that worm.

According to another expert, the virus writers are using social engineering techniques to propagate these viruses and are targeting users of Microsoft's Instant Messenging application.

"The vast majority of IM worms currently make use of MSN and they normally 'arrive' as a weblink to a picture, which of course isn't a picture but an executable," said Roel Schouwenberg, senior research engineer at Kaspersky in the company's weblog. "Paris Hilton has the been subject for these IM worms quite a lot of times, along with other topics."

Eric Chien, chief researcher at Symantec Security Response said prior to this year there was only about one IM-related virus a year, but the recent surge is a cause for concern.

"We are just at the beginning of a war between virus writers," he said. Chien added that things could get a lot worse "if the virus writers respond to each other's taunts." He said the same thing happened between the authors of the Netsky, Bagle and MyDoom viruses when new variants appeared on a regular basis with fresh insults.

Hypponen said the viruses had a weak point as they pointed to websites that downloaded their malicious payload. He said F-Secure had been in contact with ISPs to remove these websites.

"Once we take down these websites we save the whole world," he added.

As reported in SC Magazine here a number of worms and viruses have used Paris Hilton as a cover to unleash trouble on unsuspecting users.

www.kaspersky.com
www.f-secure.com
www.symantec.com

Related

DevSecOps Scanning Challenges & Tips

There are many ways to do DevSecOps, and each organization — each security team, even — uses a different approach. Questions such as how many environments you have and the frequency of deployment of those environments are important in understanding how to integrate a security scanner into your DevSecOps machinery. The ultimate goal is speed […]

It Should Be ‘Cybersecurity Culture Month’

It’s Cybersecurity Awareness Month, but security awareness is about much more than just dedicating a month to a few activities. Security awareness is a journey, requiring motivation along the way. And culture. Especially culture.That’s the point Proofpoint Cybersecurity Evangelist Brian Reed drove home in a recent appearance on Business Security Weekly.“If your security awareness program […]

Get daily email updates

SC Media's daily must-read of the most current and pressing daily news

By clicking the Subscribe button below, you agree to SC Media Terms and Conditions and Privacy Policy.