W32/MSNworm.EI.worm still propagating

May 15, 2008 08:21 GMT  ·  By

About one month ago, the folks at Panda Labs warned that a new MSN Messenger worm was spotted on the web, searching for vulnerable computers through the popular instant messaging client. The "kissing pig" worm still exists on the web, according to some users, but what's more important is that the majority of anti-virus solutions have already included protection against it. Now, how can you notice the worm? Well, it's simple. The W32/MSNworm.EI.worm was especially designed to propagate through MSN Messenger, so it is automatically sent to users of the application. What's more interesting is that, once the file is executed, the worm displays a picture of a funny pig, the main sign that your computer has been infected.

According to a security notification published by Panda Labs, the worm also downloads a backdoor, namely the IRCBot.BWB, which is installed on the affected computer in order to connect to an IRC server and wait for remote commands. The worm only affects Windows 2003, Windows XP, Windows 2000, Windows NT and Windows 98, Panda Security explains.

"Its main objective is to spread via MSN Messenger and affect as many computers as possible. Additionally, it downloads the backdoor detected as IRCBot.BWB to the affected computer," the security company added in the advisory.

Just like usual, you're advised to update your anti-virus protection to the latest version and apply the newest virus definitions as soon as possible. It's important to note that most anti-virus technologies on the market have already added protection against the worm, so this is probably the best and the easiest method to stay secure while chatting on MSN Messenger.

However, you can also turn to the more paranoid-like methods to staying on the secure side and ignore messages that look suspicious and block any message coming from untrusted contacts.