14 DAY TRIAL // MSN Messenger is once again under attack, as Trend Micro detected one more Windows worm attempting to spread itself through the famous instant messaging application. WORM_IRCBOT.EL may infect Windows 98, ME, NT, 2000, XP and Server 2003, having a medium damage potential and a medium distribution potential. The worm can be easily dropped on your system once you visit a malicious page infected with it, so extra-care is recommended while browsing the web. What's interesting is that it sends its files on MSN Messenger and waits for commands conducted by a remote person, usually its creator, who may get the ability to control the affected computer.
"It propagates by sending copies of itself to target recipients using the popular instant messaging application, MSN Messenger. It executes commands from a remote malicious user, effectively compromising the affected system", Trend Micro explained in the security notification published today.
Several similar attacks have been spotted in the past, but they were somehow different from today's threat. For example, we've seen such an infection based on MSN Messenger contacts that attempted to spread itself using a phishing website asking for users' login credentials. Once the threat reached a clean computer and compromised it, a malicious URL was sent to all the MSN Messenger contacts. The link redirected them to a phishing page asking for their usernames and passwords.
As you know, you can defend your computer by applying the latest security patches, fixes and updates for your applications and operating system. In addition, don't forget to enable your antivirus solution and apply the newest virus definitions, in order to detect the threat as soon as it attempts to infect the computer. Staying away from suspicious websites that may want to install the worm would be also a great idea to remain on the safe side.