MSN Worm Has A Passion For Luxury Watches

By
Christopher Boyd
on January 11, 2008 1:34 PM | | Comments (3)

An MSN Worm appears to be in the wild which retains some of the functionality of a worm mentioned here, but with some additional features (such as sending spam, for example).

Initially, it sends the victim a message regarding Myspace (in our testing, this was the only message it sent, unlike the worm linked above which had numerous options to choose from):

http://blog.spywareguide.com/upload/2008/01/dumb_in_picture_msn1-thumb.jpg
Click to Enlarge

Before you know it, you'll be sending lots and lots of spam - I hope your friends are looking for high quality luxury watches:

http://blog.spywareguide.com/upload/2008/01/dumb_in_picture_msn2-thumb.jpg
Click to Enlarge

Finally, the payload drops a file onto the computer that attempts to execute remote code - it seems they're attempting to exploit victims with this.

Here's the (randomly named) file in question that causes this, deposited into your System32 Directory:

http://blog.spywareguide.com/upload/2008/01/dumb_in_picture_msn3-thumb.jpg
Click to Enlarge

We detect this as MN.Spooler.

Research Summary Write-Up: Chris Boyd, Director of Malware Research
Technical Research: Chris Mannon, FSL Senior Threat Researcher

Categories:

Tags:

3 Comments

By cyndarelli on July 9, 2008 2:20 AM

Does anyone happen to know If you buy a watch that is a replica instead and not real thing, are there any jewelers who will service it? I bought it at http://www.theinternetbiz.com 3 years ago.

By Magy on January 14, 2009 4:22 AM

Clean out those nasty little bugs.
The antispyware solution from Search-and-destroy is one of the best scanners I?ve found so far to help me clean out those nasty little bugs that slows down my computer and causes it to freeze up or crash. It keeps my computer running like new and best of all it cost less than many of the other better known scanners that have been available for awhile now. I was glad that I finally found a scan that works and that?s so affordable. Search-and-destroy Antispyware is the best scanner I?ve used so far and you can find out more information by simply visiting http://www.Search-and-destroy.com.

By Magy on January 14, 2009 4:23 AM

Clean out those nasty little bugs.
The antispyware solution from Search-and-destroy is one of the best scanners I?ve found so far to help me clean out those nasty little bugs that slows down my computer and causes it to freeze up or crash. It keeps my computer running like new and best of all it cost less than many of the other better known scanners that have been available for awhile now. I was glad that I finally found a scan that works and that?s so affordable. Search-and-destroy Antispyware is the best scanner I?ve used so far and you can find out more information by simply visiting http://www.Search-and-destroy.com.

Leave a comment

Search

About this Entry

This page contains a single entry by Christopher Boyd published on January 11, 2008 1:34 PM.

Hacking Trams - Not A Good Idea was the previous entry in this blog.

Myspace Prank Relocates You To Japan is the next entry in this blog.

Find recent content on the main index or look in the archives to find all content.