# ATTENTION ALL MSN USERS!!!



## CinoxFellpyre (Jul 17, 2010)

We have once again, another malicious program that has sprung up on MSN.  This program will use your Messenger to send out a message similar to  this one:

is this you on pic?   hxxp://ow.ly/2cUR6?=www.facebook.com/photo.php?=yourusername@youremail.com  (Please don't click it >.=.>)

If you ever get a message, immediately tell the person and tell him to  change his password. NO FUCKING EXCEPTIONS. If you clicked the link, and  you were not lucky enough to have an antivirus that STOPPED IT IN TIME,  then take these steps.....

1) Download Avast! Antivirus. It not only stops you from doing stupid things, but it also will clean out your PC of the program.

2) Change your password for EVERYTHING YOU HAVE, including for sites  that are secure authentication, like PayPal, eBay, Second Life. If the  program is a Trojan (which I bet it is) then it will attempt to snag  your info through sites that link to your confidential information, even  facebook.

3) Forward this message to everyone on your contact list. They need to know this....

Please take heed of this....


----------



## Slyck (Jul 17, 2010)

...
Fantastic. The surgeon raised  an eyebrow
Fantastic. The surgeon raised an eyebrow
Fantastic. The  surgeon raised an eyebrow
Fantastic. The surgeon raised an eyebrow

(the  patient offered the surgeon for a cup of coffee) - excellent


Doin' it right?


----------



## Aleu (Jul 17, 2010)

It happened last night on yahoo, not just MSN.


----------



## Runefox (Jul 17, 2010)

Uh huh... This isn't really news. Just another in the long, infinite line of MSNspam-malware that's existed for over a decade since the first release.

The truly sad thing is, people click this stuff.


----------



## Jaden (Jul 18, 2010)

CinoxFellpyre said:


> We have once again, another malicious program that has sprung up on MSN. This program will use your Messenger to send out a message similar to this one:
> 
> is this you on pic? hxxp://ow.ly/2cUR6?=www.facebook.com/photo.php?=yourusername@youremail.com (Please don't click it >.=.>)
> 
> ...



I clicked
nothing happened :3


----------



## ArielMT (Jul 18, 2010)

Jaden said:


> I clicked
> nothing happened :3


 
It was a working link when he posted it.  I was served an IRC bot installer (with an old-style paint bucket document icon) alternately called Palevo, Yahos, and Pushbot by the few antivirus programs that detect it.

https://www.virustotal.com/analisis...98ebf7f9acfa21200845542cd1b3ca8de4-1279488489

Depressingly, neither AVG nor Norton nor Microsoft Security Essentials detect this as malware, but in better news, MBAM does.


----------



## Nyloc (Jul 18, 2010)

I never click on links from friends anyway, too many mental scars have seen to that.


----------



## ArielMT (Jul 18, 2010)

I take it back.  MSE was two days out of date.  I re-scanned the file, and it alerted.


----------



## Runefox (Jul 18, 2010)

Hmm, I wonder if Avast picks it up.

Edit: Yeeeup. Never even asked. Just blorp. Gone to the chest.


----------



## Nyloc (Jul 18, 2010)

Love it when it does that


----------



## Obsidian Eternus (Jul 18, 2010)

Should be interesting to see this get reverse-engineered.


----------



## Nollix (Jul 18, 2010)

Oh sweet Jesus, someone's spreading MALWARE??? OVER IM!?!?
SHUT.
DOWN.
EVERYTHING.


----------



## CinoxFellpyre (Jul 18, 2010)

Runefox said:


> Hmm, I wonder if Avast picks it up.
> 
> Edit: Yeeeup. Never even asked. Just blorp. Gone to the chest.


 
Avast picks it up when you go to the site, it stops you RIGHT THERE.


----------



## Runefox (Jul 18, 2010)

CinoxFellpyre said:


> Avast picks it up when you go to the site, it stops you RIGHT THERE.


 
If you have the Web Shield installed, which I don't.


----------



## south syde dobe (Jul 18, 2010)

yea it hit me but I'm alright though I didn't have avast sadly and had avg


----------



## Fenrari (Jul 18, 2010)

Some basic precautions will stop this type of situation from happening...

If you're smart about who messages you, you'd realize something off if you suddenly get a message that seemed out of the norm to say the least.


----------



## greg-the-fox (Jul 19, 2010)

I always ask "what is this?" when someone sends me a suspicious looking link before clicking it


----------



## DragonLover17 (Jul 19, 2010)

Yea i have msn but guess what I dont have the messenger got rid of it cause it was slowing my pc down. I have dial-up and I fucking hate it.


----------



## Willow (Jul 19, 2010)

If this affected YIM too, then it must have passed already, because I never got any message like that


----------



## Shiroka (Jul 19, 2010)

I don't see the use in making such a big deal of IM spam bots on forums and such. Viruses basically work like this. If you know how to deal with one, you know how to deal with every one.


----------



## greg-the-fox (Jul 19, 2010)

DragonLover17 said:


> Yea i have msn but guess what I dont have the messenger got rid of it cause it was slowing my pc down. I have dial-up and I fucking hate it.


 
Do you have a rotary phone too?


----------



## benanderson (Jul 19, 2010)

All my friends have strong passwords (containing upper-case and lower-case letters, numbers, punctuation and special characters) and we don't let anyone on our contact list unless they ask first (and we wont guarantee a yes). Non of us have ever gotten bot links like that before, or at least I know I haven't. Plus we all either use a Mac or have the resident and web shields running in AVG free.

On a side note, AVG free is much better than Avast IMHO. :b


----------



## ArielMT (Jul 19, 2010)

WillowWulf said:


> If this affected YIM too, then it must have passed already, because I never got any message like that



One mutation or another makes the rounds on all the major IM networks.



benanderson said:


> On a side note, AVG free is much better than Avast IMHO. :b


 
AVG didn't detect this variant as malicious as of yesterday, which is why it wasn't a defense for Dobe.

Truthfully, it seems like it's becoming a pot-luck which AV programs pick up on new malware variants timely enough to be effective.

Also, that SMBC comic is right on.  We need programs to protect us from ourselves.


----------



## Runefox (Jul 19, 2010)

benanderson said:


> On a side note, AVG free is much better than Avast IMHO. :b


 
AVG is heavier on system resources, slower, and according to AV-Comparatives (they disallow linking directly into anything but their main page), Avast has a better detection rate. Avira is supposedly better still, but from what I've seen in the past, Avira is pretty heavy on system resources. Maybe that's changed, but I don't know. Avast certainly doesn't slow my PC down in any noticeable manner.

AVG has also had a number of issues, such as focus-stealing, and failing to properly update modules when going from the 8.5 to 9.0 versions, which in at least one case caused Outlook/Exchange to stop working completely because the plugin would fail to load. They were very lax about acknowledging and fixing these issues, and my confidence in AVG has been shaken dramatically.


----------



## net-cat (Jul 19, 2010)

For some reason, I thought of this.

[yt]zvfD5rnkTws[/yt]

But yes. Don't click on strange things without proper protection.


----------



## benanderson (Jul 19, 2010)

Runefox said:


> AVG is heavier on system resources, slower, and according to AV-Comparatives (they disallow linking directly into anything but their main page), Avast has a better detection rate. Avira is supposedly better still, but from what I've seen in the past, Avira is pretty heavy on system resources. Maybe that's changed, but I don't know. Avast certainly doesn't slow my PC down in any noticeable manner.
> 
> AVG has also had a number of issues, such as focus-stealing, and failing to properly update modules when going from the 8.5 to 9.0 versions, which in at least one case caused Outlook/Exchange to stop working completely because the plugin would fail to load. They were very lax about acknowledging and fixing these issues, and my confidence in AVG has been shaken dramatically.


 
Your Millage May Vary. When I used Windows, Avast was the resource hog and AVG was the one running quietly in the background - granted the way AVG scans the system it takes up all HDD time so ya might as well make a cup of tea whilst its running. My parents still use Windows 7 on a 7 year old Dell Dimension 8300 (2.4GHz P4HT with 1GB RAM) and AVG9 runs like a dream on that thing. I've used it since v7 (or v6, cant remember) and never had a problem with it. But again, YMMV.

But ArielMT is right, the user is the problem. I hope that idea of teaching young kids how to be safe on the internet is taught in primary schools.


----------



## Runefox (Jul 19, 2010)

Back in version 7, AVG actually was a good bit lighter and more or less on par or even better than Avast, but the landscape's changed a little bit. Hell, Norton's even turned over a new leaf and isn't nearly as destructive to system performance as it used to be.


----------



## Willow (Jul 19, 2010)

Runefox said:


> Back in version 7, AVG actually was a good bit lighter and more or less on par or even better than Avast, but the landscape's changed a little bit. Hell, Norton's even turned over a new leaf and isn't nearly as destructive to system performance as it used to be.


 Of course when I got my new computer, I had the free trial of Norton, which actually did a bit of good

I just don't like how it overreacts to something so minor like tracking cookies on Yahoo. 

Before the trial ended, I downloaded AVG, and I'm doing pretty good with it


----------



## ArielMT (Jul 19, 2010)

Runefox said:


> Hell, Norton's even turned over a new leaf and isn't nearly as destructive to system performance as it used to be.


 
The company behind Norton is still as helpless as their products when help's really needed, though.


----------

