A new worm type virus written in Visual Basic 6.0 is on the loose and propagates through MSN Messenger. Known and detected by several antivirus tools as Henpeck, W32/Fleming.worm or Win32.MsnWorm.Rodok.A, this virus sends messages containing a link to a malicious online file called BR2002.exe. Only by clicking the link you manually infect your computer and send the same link to everyone on your contact list (this procedure sounds familiar, no?).
Good news is the malicious file, which was a disguised CD-key for Half Life/Counterstrike, has been removed from the Web already. Bad news is it also planted a backdoor on your system known as BKDR_EVILBOT.A, allowing hackers to use your computer as a platform to perform denial-of-service attacks (a bad ass form of flooding).
Scared yet? Then right-click your taskbar and launch the Task Manager. If you see a process called BR2002 running, you’ve become a victim. But that would be exceptionnal, because Trend Micro only reports 27 infected systems!
Our friends at BitDefender have made an interesting analysis, including removal instructions.
[Sources: C|Net and Trend Micro]
Note: The content of this post is over 4 years old. Feel free to share your refreshing comments.
