'Leaked' Windows Live Messenger Really A Trojan

A 'leaked' version of Microsoft's Live Messenger instant messaging (IM) client plants a malicious bot worm, a security company warned Tuesday.

December 27, 2005

1 Min Read
NetworkComputing logo in a gray background | NetworkComputing

Helsinki-based F-Secure told users to ignore instant messages with the subject head "MSN Messenger 8 Working BETA" that go on to claim that "Messenger 8 BETA has been leaked!"

The message, which refers to an alternate name for the upcoming Live Messenger, also sports a link. Users who click on the link, then download and run the executable, are in reality installing the Virkel.f Trojan.

Virkel.f adds the compromised machine to a botnet, from which the hacker can update the Trojan with additional malicious code, to make the PC into a spam zombie or along with others, launch a denial-of-service (DoS) attack on Web sites. Virkel.f also shuts down anti-virus and security software, and blocks access to sites that belong to security vendors.

This bot worm spreads by hijacking IM contact names from an infected computer, then spimming those names with new messages about the "leaked" client.

Live Messenger, which is being tested by a limited number of users, recently made news when some began selling invitations to the beta test on eBay.

SUBSCRIBE TO OUR NEWSLETTER
Stay informed! Sign up to get expert advice and insight delivered direct to your inbox

You May Also Like


More Insights