Saturday, February 19, 2005

MSN Messenger Worm - Bropia W32

What is it?
W32/Bropia.worm.p is a Medium Risk Internet worm carried by an MSN Messenger attachment. When run, the worm tries to display a .jpg image from a remote site and prevent users from manually using Windows Task Manager to remove the threat.


What should I look for?
The worm copies itself into the C:\ directory using filenames like:

Beautiful A**.pif

John Kerry as Super Chicken.scr

Kool.pif

Me & you pic!.pif



How do I find out more?

View details about W32/Bropia.worm.p here.


Update: Mydoom Returns

Two more serious Mydoom mass-mailing worms, W32/Mydoom.bc@MM and W32/Mydoom.bd@MM, are now Medium Risk threats. They carry the BackDoor-CEB.f Trojan, which tries to disable anti-virus updating and also help a remote user hijack an infected machine.

Watch out for attachments inside messages posing as bounces from Postmaster or Mail Administrator.

Find out more about W32/Mydoom.bc@MM here.
Find out more about W32/Mydoom.bd@MM here.

Links to this post:

Create a Link

<< Home