Video Screencast Help

Instant Messaging Users Beware: IM Worm Using MySpace as Bait

Created: 30 Jun 2006 07:00:00 GMT • Updated: 23 Jan 2014 18:59:07 GMT
Symantec Security Response's picture
0 0 Votes
Login to vote

We are seeing signs of worm activity over instant messaging (IM) andwanted to warn you not to let your curiosity get the better of you.You’ve heard the saying about curiosity killing the cat, right?

Ina nutshell, IM users are receiving messages that say "check out thesepics of us!", with a link provided in the IM window to either "p1392.pic-myspace .info" or "p1377. pic-myspace .info". When unsuspectingvictims click on the link, thinking that they are going to the MySpaceWeb site, they are instead transported to another Web site at whichpoint a malicious downloader gets installed on the victim's machine.From what we can tell, this particular downloader tries to install abunch of applications, presumably with the intent to earn the site'sowner some commission. While this is probably more of an annoyance thananything else, if you ask me, the good news is that Symantec customershave been protected from this type of attack since December 2005.

At the end of the day, if you can remember one thing from this blogit would be: don't click on any of the above links mentioned that youreceive over IM and, in general, don't click on links from strangers!