A new worm targeting users of Microsoft Corp.’s MSN Messenger software has squirmed through the instant messaging (IM) application.
The Jitux.A worm comes in the form of an instant message inviting users to click on a URL. By clicking on the URL, users download the jituxramon.exe file, which then becomes resident in their computer’s memory and sends new messages containing the link every five minutes to all contacts stored in MSN Messenger.
Jitux.A has no other apparent destructive effects, nor does it cause changes to the system configuration, according to Panda Software Inc. Panda was among the first to detect the worm, which began spreading rapidly on Friday, largely in Portugal, Spain and Mexico.
The malicious code is compiled in Visual Basic and runs on Windows 95, 98, ME, NT, 200 and XP operating systems.
Several antivirus vendors, including Network Associates Inc. and Symantec Corp., updated their products and recommend users update their antivirus software and scan for the virus.
Jitux.A isn’t the first worm to wiggle into popular instant messaging networks, particularly MSN Messenger. More than 60 IM vulnerabilities have been published, according to security researchers from Symantec. They range from security holes that could be used to crash IM clients in denial of service (DoS) attacks to those that allow attackers to install and run malicious code remotely on computers running the vulnerable IM clients.