In this section

• Home
• Press office
• News archive
• Articles
• 2005
• 02

• Journalists' guide
• News archive

Talk to our experts

• Press contacts

Resources

• Sophos Podcasts
• SophosLabs blog
• Graham Cluley's blog
• Image gallery
• Customer case studies
• Free anti-virus
• White papers
• Awards and reviews
• Industry affiliations

Info feeds

• Security news
• Company news

• Security news
• Company news

What are info feeds?

25 February 2005

Bropia-R instant messaging worm is no joke, reports Sophos

Experts at SophosLabs™, Sophos's global network of virus and spam analysis centres, have warned computer users about a new version of the Bropia worm which spreads via the MSN Messenger online chat system.

The W32/Bropia-R worm sends itself to all contacts in an infected user's MSN Messenger buddy list, in an attempt to drop a copy of another worm - the W32/Rbot-WN network worm and backdoor Trojan horse. This malicious worm allows hackers to take remote control of infected computers, allowing them to capture keystrokes and grab screenshots (allowing opportunities for identity fraud), and even capture webcam footage of the unsuspecting user.

When first run, W32/Bropia-R may display an error message that reads "Enkele bestanden konden niet gemaakt worden. Sluit alle toepassingen, start Windows opnieuw op en start deze installatie opnieuw op" which translates into English says "Some files could not be created, close all application windows and start this installation again."

The Bropia-R worm displays a comical image of a toothbrush and toilet roll on infected computers.

The image displayed by the Bropia-R worm.

The image shows a toothbrush saying "Sometimes I feel that I have the worst job in the world!" to which the roll of toilet paper replies, "Ya...Right!"

"Some may be amused by the bathroom humour, but people hit by this worm may be flushing their security down the lavatory," said Graham Cluley, senior technology consultant for Sophos. "Staff should be encouraged to take security seriously, and be taught to be wary of opening unsolicited attachments - even if they come in via instant messaging systems rather than regular email."

An earlier version of the Bropia worm which spread via instant messaging displayed a picture of a sunburnt chicken.

"Companies may like to reconsider whether their users really need to online chat with external friends, or at the very least implement a whitelist of who they can receive instant messages from," continued Cluley.

Sophos continues to recommend that businesses ensure their computers are kept automatically up-to-date with the very latest anti-virus software.

• Bookmark with del.icio.us
• Submit this story to digg
• Submit this story to slashdot

See also:

• Sign up now for free notification of new viruses found in the wild
• Add live virus information to your website or intranet