PDA

View Full Version : New Yahoo IM worm that Morphs into Skype Malware (C-NET)



N2NH
05-10-2010, 04:20 PM
Got Skype or Yahoo IM? Then this is for you...

"On the heels of a worm that was installing backdoors on Windows systems via Yahoo Instant Messenger comes a new worm that is even more sophisticated in its social engineering and payload, security firm Bkis said on Friday.

The malware arrives via instant message through Yahoo or Skype with any one of a number of messages, including "Does my new hair style look good? bad? perfect?" or "My printer is about to be thrown through a window if this pic won't come out right. You see anything wrong with it?" Bkis wrote in a blog post.

The message includes a link to a Web page that looks like it leads to a JPEG, or image file. When the link is clicked on, the browser displays an interface that looks like the RapidShare Web hosting site and offers up a ZIP file for download. The extracted file is actually an executable file with a .com extension.

The malware, which Bkis has detected as "W32.Skyhoo.Worm," disappears if the computer does not have Skype or Yahoo Messenger installed. It automatically sends messages with varying content and malicious links to contacts in the victim's IM list and automatically injects a malicious link in e-mail messages and Word or Excel files that the user is composing, Bkis said.

The worm also connects to an IRC server to receive remote commands, blocks antivirus software, uses a rootkit technique to hide its files and processes and automatically copies itself onto USB drives to spread, according to Bkis."

http://news.cnet.com/8301-27080_3-20004456-245.html?tag=mncol;title

KG4CGC
05-10-2010, 04:30 PM
lovely

W4RLR
05-11-2010, 09:35 PM
Use Linux or Mac OS X and not have to worry about such merde.

w3bny
05-12-2010, 10:27 AM
Use Linux or Mac OS X and not have to worry about such merde.

Why is that the standard answer for anything nowadays.... (Doc...I think I have cancer "Well if you used Linux or a mac I wouldnt have to cut your sack off ha-ha-ha :wtf: )

Nothing about using a good AV or firewall, nothing about keeping it up to date. Nothing about taking the advice your parents told you years ago. DONT ACCEPT ANYTHING FROM STRANGERS. Just...


Use Linux or Mac OS X and not have to worry about such merde.

Wow...that was a lot of help. And what I have come to expect from the Linux/Mac cadre...aka...standard useless answer is standard and useless!

Hey John what time is it. "Well if you used Linux or Mac OS X you wouldnt have to worry about such things"...

PEH!

KJ3N
05-12-2010, 10:48 AM
Ren,

Hate it all you want, but it's a valid answer. :-P :lol:

w3bny
05-12-2010, 10:53 AM
What...the answer to basic online security is get a frelling mac or run Linux? Remind me to call up the Security+ testing folks and tell them that everything can be solved by getting a fooking MAC and that there test is useless..

KC2UGV
05-12-2010, 10:55 AM
What...the answer to basic online security is get a frelling mac or run Linux? Remind me to call up the Security+ testing folks and tell them that everything can be solved by getting a fooking MAC and that there test is useless..

You wouldn't like their answer: You're right.

But, you wouldn't really make their test useless, configuration errors make secure systems prone to compromise.

w3bny
05-12-2010, 11:01 AM
well when My wife and i took that test....the "get a mac" wasnt any answer. She's doing CISP now and that unfortunately isnt covered either.

Anyhow...Im starting to feel manic so enjoy your mac.

KC2UGV
05-12-2010, 11:03 AM
Because if the world ran macs (Or Linux) there would be a very low demand for Security Pros.

One reason why I stopped pushing Novell and Linux servers when I was working in a outsourced IT position: Windows servers and workstations need me to go out and fix them more.

KJ3N
05-12-2010, 12:03 PM
Because if the world ran macs (Or Linux) there would be a very low demand for Security Pros.

:werd:


One reason why I stopped pushing Novell and Linux servers when I was working in a outsourced IT position: Windows servers and workstations need me to go out and fix them more.

Follow the money. :muhahaha:

kf0rt
05-12-2010, 01:07 PM
Because if the world ran macs (Or Linux) there would be a very low demand for Security Pros.

One reason why I stopped pushing Novell and Linux servers when I was working in a outsourced IT position: Windows servers and workstations need me to go out and fix them more.

If the world ran on Macs or Linux, the hackers would switch focus to that.

KC2UGV
05-12-2010, 01:10 PM
If the world ran on Macs or Linux, the hackers would switch focus to that.

True, but with limited success. UNIX used to be THE OS to use. Hacks were few, and far between. And it usually boiled down to weak passwords.

*NIX wasn't built for everyone to have Administrator privileges. Winderz was.

And, most of the world runs Macs or Linux. 90% of people using the internet have a Linux box in their house: Their router. 80% of the internet uses LAMP to present their business on the web.

Where do the hacks mainly hit? Windows.

kf0rt
05-12-2010, 01:21 PM
UNIX used to be THE OS to use. Hacks were few, and far between. And it usually boiled down to weak passwords.

*NIX wasn't built for everyone to have Administrator privileges. Winderz was.


UNIX and it's derivatives have never been "the OS" in the home market. I'm not sure I'd consider embedded devices (e.g. routers) in a discussion of hacking, viruses and general market penetration of operating systems. Guess it's all a matter of interpretation, though. They probably run VxWorks or something in microwave ovens and TV's. Hackproof, so we should bow to it's superior usability? Apples and oranges...

w6tmi
05-21-2010, 12:05 AM
Why is that the standard answer for anything nowadays.... (Doc...I think I have cancer "Well if you used Linux or a mac I wouldnt have to cut your sack off ha-ha-ha :wtf: )

Nothing about using a good AV or firewall, nothing about keeping it up to date. Nothing about taking the advice your parents told you years ago. DONT ACCEPT ANYTHING FROM STRANGERS. Just...



Wow...that was a lot of help. And what I have come to expect from the Linux/Mac cadre...aka...standard useless answer is standard and useless!

Hey John what time is it. "Well if you used Linux or Mac OS X you wouldnt have to worry about such things"...

PEH!

QFT! Well said!

KC2UGV
05-21-2010, 07:34 AM
UNIX and it's derivatives have never been "the OS" in the home market. I'm not sure I'd consider embedded devices (e.g. routers) in a discussion of hacking, viruses and general market penetration of operating systems. Guess it's all a matter of interpretation, though. They probably run VxWorks or something in microwave ovens and TV's. Hackproof, so we should bow to it's superior usability? Apples and oranges...

UNIX and their derivatives have been "the OS" in the home market. The first computers at home were nothing more than terminals to connect to the office mainframe (Running... UNIX).

But, yes, some routers run VxWorks. Many, run Linux. And, they are, for all comparisons, less hackable (Nothing is hackproof) than Winderz.

Usability? Last Usability study actually found Gnome to be superior in the usability area compared to Vista. And Mac OS X tied(?) with Gnome, or surpassed it.

There are no real merits to using Winderz on a home PC. The only reason Winderz is the dominant OS in the home right now is due to monopolistic actions on the part of MS in the past. Even now, slowly but surely, MS is losing share.