IM is the new horizon for infections.
which brings up an interesting story.
yesterday somebody added me to MSN, so I figured, alright, I'll give them a chance.
Immediately they sign in and ask for "help with VB" or something, and attach a zip.
So I transfer it, unzip it... and it's an EXE file.
they claimed it was their visual basic program. Can't remember exactly what they said was "wrong" with it, but I found a few things interesting when I opened the file with dependency viewer.
In that is wasn't dependent on any vb runtime. This was a very strange VB program indeed! additionally viewing the resources revealed some untyped date that looked to be some sort of executable (in that it started with MZ.)
but I decided to play along with them(I didn't run the program I'm just messing with them. great fun)...
<Names are changed to protect the innocent>
Them:"Did you open it?"
Me:"Yeah. It just opened a command window, and then closed."
Me:"hmm. looks like I got infected somehow."
Them:"PWNED"
Me:"how?"
Them:"It was my trojan >
"
Me:"Oh, it's a good thing I didn't run it then. I kind of figured out it wasn't a VB program like you claimed."
Them:"I'm kidding I really need help with C++. Can you run it and check for me"
Me:F---- off.
(deletes contact)
So, all in all, I got some entertainment for a few minutes anyway.
