If your MSN Messenger displays a roast chicken with a bikini, your PC has been infected by the new Bropia.E and Gaobot.CTX worms.

Madrid-based antivirus specialist PandaLabs said it has detected Bropia.E and Gaobot.CTX, malicious code that spreads together.

Bropia.E sends itself out using the instant messaging program MSN Messenger disguised as an image file with a variable name taken from a long list of options and a .pif or .scr extension.

Some examples of the name of this file are: bedroom-thongs.pif, LMAO.pif or LOL.scr, the Spanish firm said in a statement.

If the user runs the file, it displays a curious image on screen. However, this image is just a cover-up to hide the real actions carried out by the worm.

This malicious code sends itself out to all the contacts in MSN Messenger and creates various files on the computer, including a file called winhost.exe, which actually contains the Gaobot.CTX worm.

Gaobot.CTX carries out the actions that pose the biggest threat to the computer, as it connects to IRC channels and waits for commands from a remote user.

This allows a hacker to download all kinds of files to the affected computer: Spyware, adware, other viruses, etc.

“As a rule of thumb, you should never open a file you receive through instant messaging systems without scanning it first with an updated antivirus,” said Luis Corrons, head of PandaLabs.

“A growing number of viruses are using these applications to spread, and their biggest danger lies in the recipient running executable files without thinking twice, as they are sent from a known address.

“This also implies that there is risk of them spreading rapidly via instant messaging, leaving poorly protected networks vulnerable to becoming infected in a matter of seconds,” he said.

Panda Software advises users to take precautions and update their antivirus software. The company said it has made the corresponding updates available to its clients to detect and disinfect these new malware.

Panda Software's clients can already access the updates for installing the new TruPrevent Technologies along with their antivirus protection ( www.pandasoftware.com/truprevent ), providing a preventive layer of protection against new malicious code.

For users with a different antivirus program installed, Panda TruPrevent Personal is compatible with and complements these products, the company claimed.

This provides a second layer of preventive protection that acts while the new virus is still being studied and the corresponding update is incorporated into traditional antivirus programs, decreasing the risk of infection.

In addition, users can scan their computers online for free with Panda ActiveScan, available at www.pandasoftware.com.

Malaysian users can go straight to Panda Software (Malaysia) at www.safesoftware.com.my.


Source : Star-TechCentral