Categories
Attacks Browsers WWW

Was the Messenger Virus Controlled?

For those using Yahoo! Messenger like I do, you could have encountered a friend sending links to some cool pics (s)he would like to show you. I wouldn’t have blogged this as my friend Nicole already did. But, it seems that those at Yahoo! have already controlled the spread by blocking the links causing them to just show up as “http://” and not the whole URI to the infected Web site.

I happened to encounter those messages weeks before I knew it was a virus but I use Firefox, and when I went to the Web site, it didn’t infect me at all.

I just hope other messenger programs implement a block for those infectious messages as well in one way or another if it would not be like the system Yahoo! is already using. Besides, not only Yahoo! Messenger is vulnerable to this, but also AOL Instant Messenger and Windows Live Messenger. If you use these two other messaging services, please tell me if they’re also properly responding to these attacks. More info about the virus can be found at the Trend Micro Virus Encyclopedia entry for WORM_SOHANAD.I

Happy IMing to you all! 🙂

Update: The spammers apparently knew about what Yahoo! has been doing to block the URL to their malware site as I’ve just received another spam message from a contact with the address still intact. They now encode a portion of the domain to circumvent the filters of Yahoo! Messenger servers. For example, instead of thecoolpics.com which is blocked by server filters, they now send addresses as thec%6folpics.com with %6f being a URL-encoded version of the letter o.

Get free Norton Antivirus software.