Attention MSN Messenger Users!

19 Aug 2001
Virus News

Infections by the Internet worm "Newpic" have been registered

Kaspersky Lab, an international data-security software developer, announces the registration of computer infections by the Internet worm "Newpic," which are spreading via the popular MSN Messenger pager network.

The current malicious program was detected at the beginning of last week, at which time it was added to the Kaspersky Anti-Virus database with the necessary defense procedures. However, the first incidents connected with "Newpic" were noted this past weekend.

"Newpic" is an executable program written in Visual Basic and is compiled in an EXE file about 50Kb in length. Upon execution of the worm-carrying file, "Newpic" displays a fake message pertaining to a file-processing error in order to hide its activity.

The worm than registers itself in the auto-run registry key so that the worm is automatically executed upon every ensuing computer reboot. "Newpic's" active copy keeps track of new incoming messages to MSN Messenger, answers these tracked messages in the infected computer user's stead and offers the message recipient the chance of receiving some recent photographs.

"The possibility of 'Newpic' spreading in the USA and Europe is very good, because this messaging service has millions of users there," commented Eugene Kaspersky, Head of Anti-Virus Research for Kaspersky Lab.

A more detailed description of "Newpic" is available in the Kaspersky Virus Encyclopedia.