Quick Links: SpywareGuide Greynets Blog | SpywareGuide Product Database | SpywareGuide Company Database | SpywareGuide Categories
SpywareGuide powered by FaceTime Security Labs
Search SpywareGuide Greynets Database & Site
Security Email Alerts & Updates
Search the Blog
 
Recent Posts
Categories
Monthly Blog Archives
Links
Subscribe
Subscribe to this blog's feed
About the Blog
About SpywareGuide Greynets Blog
Link to Us
Link to SpywareGuide.com

« Weirdness on Myspace - Watch Out For System Doctor Adverts | Main | New Skype Worm On The Loose »

  • New MSN Virus In The Wild

There seems to be a new MSN Virus doing the rounds, in the (now common) guise of a .zip file which (of course) harbours a malicious executable.

In this case, the .zip file has a handily recognisable name:

tanya2.jpg

Check out what happens to your PC if you run the file:

http://blog.spywareguide.com/upload/2007/09/tanya6-thumb.jpg
Click to Enlarge

The machine is pretty much buried under a 100% CPU load - if you ever wanted to experience Bullet Time, here it is minus the backflips and machine guns. Here's an example of the kind of messages you can expect to be sent from an infected user:

http://blog.spywareguide.com/upload/2007/09/tanya8-thumb.jpg
Click to Enlarge

With regards spread, it seems to be fairly low at the moment. The handful of infections we've seen so far include a number of forum-goers in Singapore and Japan, and a handful of people asking for help in Italian. The messages sent via the infection file seem to be fairly limited, and include:

"Who is this girl?"

"Do you remember this girl? I can't believe she took this pic..do you know her?"

"Who is this girl? She said she likes you :D"


We detect this (unsurprisingly enough) as TanyaBabe.

Research Summary Write-Up: Chris Boyd, Director of Malware Research
Additional Research: Deepak Setty, Senior Threat Researcher
Additional Research: Peter Jayaraj, Senior FSL Senior Threat Researcher

  • TrackBack

TrackBack URL for this entry:
http://blog.spywareguide.com/mt/mt-tb.cgi/211


Post a comment

(If you haven't left a comment here before, you may need to be approved by the site owner before your comment will appear. Until then, it won't appear on the entry. Thanks for waiting.)


Site EULA | Site Map | Contact Us | About Us | Site and Spyware FAQ | Advertise | RSS Feeds  | Link To Us | SpywareGuide JapanJapanese

© Copyright 2006, FaceTime Communications, Inc. All rights reserved.