Danish security watchdog Secunia has issued a 'medium' alert over the newly discovered Bropia worm, warning that it is spreading fast via MSN Messenger.
The malicious code, which arrives as a .pif file, acts as a carrier dropping a variant of the Spybot worm onto compromised PCs. This then acts as a Trojan and tries to harvest passwords from the computer before sending itself out again via Messenger.
"Many corporations have been blocking the use of instant messaging programs for employee productivity reasons, and may now have good cause to do so for security reasons as well," said Joe Hartmann, senior virus researcher at antivirus company Trend Micro.
"With the popularity of instant messaging, it may be the home users who are most at risk. This kind of worm uses humour to make people forget that they are being infected, and backdoors are being opened into their systems."
The Spybot worm is particularly damaging, Secunia warned. It seeks out Windows identity keys and certain application activation codes and feeds the information to the sender via IRC.
The Bropia worm arrives in a file about 184KB in size. It affects Windows 95, 98, ME, NT, 2000 and XP. More information about the worm can be found here.
Kicking Palantir off of AWS is among their demands, too
Rafaela Vasquez was watching The Voice at the time of the crash, new evidence shows
PUBG price slashed on Steam after selling more than 50 million copies - as daily player numbers plunge
Use the same password for every website? It might be time to change them all