We’ve received reports about a new wave of malware spreading via Facebook, Yahoo! Messenger and Windows Live.
If anything, this is a classic tactic used by malware. This particular attack is detected as WORM_IRCBOT.PHT.
WORM_IRCBOT.PHT’s routines are not particularly novel, but that doesn’t make them any less of a problem. In addition to sending out the messages it uses to propagate, it also connects to several Internet Relay Chat (IRC) servers. This effectively makes user systems part of a botnet, as cybercriminals use these servers to send commands to the system, including downloading other malicious files. The browser home page is also changed by WORM_IRCBOT.PHT.
More: http://blog.trendmicro.com/photos-via-instant-messengers-facebook-lead-to-malware/
If anything, this is a classic tactic used by malware. This particular attack is detected as WORM_IRCBOT.PHT.
WORM_IRCBOT.PHT’s routines are not particularly novel, but that doesn’t make them any less of a problem. In addition to sending out the messages it uses to propagate, it also connects to several Internet Relay Chat (IRC) servers. This effectively makes user systems part of a botnet, as cybercriminals use these servers to send commands to the system, including downloading other malicious files. The browser home page is also changed by WORM_IRCBOT.PHT.
More: http://blog.trendmicro.com/photos-via-instant-messengers-facebook-lead-to-malware/