Monday, June 12, 2006

Worm Attack

I was just the victim of a worm attack. Actually, the success of the attack must largely be attributed to a sudden lapse of good judgement on my part.

The circumstances of the attack are as follows: I received an MSN message on my MSN. The message went "check out these pics of us! http://p1392.pics-myspace.info", which if you clicked downloaded an exe onto your computer. If you then proceeded to run the exe, then the worm would run and lots of MSN windows would propagate, spreading the nonsense.

OK, perhaps it was darn obvious that any foreign exe is dangerous. Normally I would have deleted it, but it so happened that I went out with my friends (including 'infected one') yesterday. Hence it was somewhat plausible that there were really some pics. Anyway, I scanned the exe with the antivirus and it OK'd the file. Then the worm struck.

Luckily the worm was not dangerous, and easily removed. The ease of removal (kill the process thread, delete the offending file) and its lack of payload led me to believe that it was programmed as a sort of kid's prank.

I reflected briefly upon this incident, and came to some conclusions. First, no antivirus is as effective as common sense. Second, if I ever came to create a company, I would ban the use of MSN and their like on office computers. I would also force employees to undergo some sort of computer security awareness course. Third, I wouldn't name my worms myspace.exe or anything that says "WORM HERE". I would name it iexplorer.exe or something that sounds legitimate.

Anyone is free to laugh at me ('til the next week) for my error in allowing the worm on my system. In any case, I was able to purge the worm, so anyone infected, please ask me for the easy solution.

Hmm, I was about to blog on the upgrading issue before the Worm incident. THEY KNEW!!! Hahah, just kidding.



1 comment:

Gary W. Longsine said...

Thanks for sharing your experience. It goes to show that anybody can fall for these things.

People tend to trust their AntiVirus systems, but they don't realize that it takes the AntiVirus vendors a day or two on average to find a threat, write and test definitions, and get them out the door. Of course, the instant nature of email and IM systems means that a lot of people are exposed to a threat before the definitions are available, as you found out.