Security software companies F-Secure and Symantec have reported of a worm that attacks users of the MSN messaging program.
Brobia.A uses a variant of the Rbot virus whose bot code can be used, for example, as a backdoor attack to collect system information, keystrokes and to relay spam.
Brobia.A can also disable the right mouse button and manipulate Windows mixer volume settings.
The worm copies itself into a machine’s C-directory using one of the following filenames: drunk_lol.pif, webcam_004.pif, sexy_bedroom.pif, naked_party.pif, or love_me.pif.
It then attempts to send this file using MSN messenger to all active MSN contacts on the user’s desktop. The MSN messenger window has to be open on the infected computer's desktop for this to be successful.
Business users are increasingly using instant messaging as a real-time communications tool to locate fellow employees, and many are using consumer packages from the likes of MSN, Yahoo and AOL.