BlackAngel.B worm spreading via Microsoft's MSN Messenger

D_o_S · Jun 15, 2006

A new worm that carries a message reminiscent of movies such as "The Ring" or "FearDotCom" is currently making rounds in the MSN Messenger community according to antivirus specialist Panda Security.

Once it has infected a computer BlackAngel.B uses the instant messenger to send messages to all the contacts in a user's list, disguising itself as a video called "Fantasma" (Ghost). If opened, an image is displayed:

Besides showing a picture, the BlackAngel.B code makes several modifications to the system, which include closing different security applications (antivirus programs, firewalls, etc.) to avoid detection. It also tries to close a number of windows (Windows Task Manager, Control Panel, Registry Editor, System Configuration Utility, System Restore) so that the user cannot use operating system configuration tools, according to Panda.

To be impacted with the worm, users have to actively download the code. Messenger conversations initiated by the worm carry texts like "jaja look a that" or "mira este video" as well as a web address from where it is downloaded.

View at TechPowerUp Main Site

yaxpak · Jun 15, 2006

Well...

In case you are infected, just go into safe mode and turn off sys restore, run your anti-virus/anti-spyware. If that does not fix the prob, just back up all your important data, and simply restore your pc. You dont want sys restore to be running while you delete a virus or spyware, because sys restore will put it back when you reboot. Fawking kids have nothing better to do, than to write this type of crap and spread it all over. Shame on you.

warup89 · Jun 15, 2006

B*tch i got msn live, well BETA, so im still at risk, but eh i fought worse viruses before and i always won.

Jimmy 2004 · Jun 15, 2006

So you've got to actually accept something to get this? Or can someone just send you it without you stopping them?

warup89 · Jun 15, 2006

To be impacted with the worm, users have to actively download the code. Messenger conversations initiated by the worm carry texts like "jaja look a that" or "mira este video" as well as a web address from where it is downloaded.

You gotta active it.

Jimmy 2004 · Jun 15, 2006

Good... that way I can try to instal as much anti virus software as possible before acepting and watch it try and get through that - before crying when I realise it's managed it!

BigD6997 · Jun 16, 2006

well this is the most retarted bug ever, at least make something slightly more funny.. like my friends in computer class make programs that will open and close your drive ever 5 seconds, lol... now that would be a bug! if only we could learn how to spread it around besides threw the schools server....

all ud have to do is restart your system and the program would be truned off

sinner33 · Jun 16, 2006

At least its got the whole "the Ring" theme going off it, making it look scarier and sets the mood for panic better since it is technically a worm.

xylomn · Jun 16, 2006

these people who write these things need a good sharp wack over the head with a nice big stick...

BigD6997 said:
like my friends in computer class make programs that will open and close your drive ever 5 seconds

now that is cool, you know I want that just so I can sit giggling at it for hours (yes I am immature

)

G.T · Jun 16, 2006

Anyone accepting or downloading stuff over messenger from strangers like this deserves all they get, it's a learning curve some people need to go through.

warup89 · Jun 16, 2006

G.T said:
Anyone accepting or downloading stuff over messenger from strangers like this deserves all they get, it's a learning curve some people need to go through.

you said it, i personally never install ANti virus programs in my pc because they eat too much ram, but im very carefull on what i download and my pc's been virus free for 1 yrs nowand counting

.

Polaris573 · Jun 16, 2006

G.T said:
Anyone accepting or downloading stuff over messenger from strangers like this deserves all they get, it's a learning curve some people need to go through.

The problem arises when you get a message from one of your friends that says "check this out it's really cool" and you click it and it turns out to be a virus, trojan, spyware, adware, whateverthehellware.

G.T · Jun 16, 2006

/my friends wouldn't send me such a lame message without first pre-empting the message with something that lets me know it's actually them and vice versa

& I don't trust MSN messenger which they all know that and pretty much share the same notion.

As I said, it's a learning curve.

BigD6997 · Jun 16, 2006

yeah, i norm ask what it is first if a friend asks me to look at somthing

tofu · Jun 21, 2006

My Messenger Live has been acting very funny today.

I couldn't sign in for a couple of hours, and now that I can, the instant messaging windows are buggy.

Processor	AMD Opteron 144
Motherboard	DFI Lanparty nF4 SLI-DR Expert
Cooling	Watercooled - Alphacool Nexxxos XP, BIX2, Eheim HPPS
Memory	2x 512MB OCZ PC 3200EL Platinum Rev.2 (TCCD)
Video Card(s)	2x Gainward GeForce 6800 Ultra (430/1200)
Storage	4x WD Raptor 740GD in RAID 0
Display(s)	Eizo FlexScan L768
Case	CM Stacker
Audio Device(s)	Audigy 2
Power Supply	Silverstone Zeus ST65ZF

System Name	Iam-a-computah
Processor	i9 9900k @5 Ghz
Motherboard	Gigabyte Auros z390x
Cooling	Custom water loop, x2 280 radiators
Memory	16gb Corsair Dominator
Video Card(s)	MSI 1080 TI FE 11gb WC
Storage	SSD: 256gb Samsung 840pro & HHD: WD black 2T
Display(s)	LG 34" UW screen
Case	EVGA DG-86
Audio Device(s)	Creative x-FI
Power Supply	EVGA super NOVA 1300wtt
Keyboard	G710
Software	W 10

System Name	Jimmy 2004's PC
Processor	S754 AMD Athlon64 3200+ @ 2640MHz
Motherboard	ASUS K8N
Cooling	AC Freezer 64 Pro + Zalman VF1000 + 5x120mm Antec TriCool Case Fans
Memory	1GB Kingston PC3200 (2x512MB)
Video Card(s)	Saphire 256MB X800 GTO @ 450MHz/560MHz (Core/Memory)
Storage	500GB Western Digital SATA II + 80GB Maxtor DiamondMax SATA
Display(s)	Digimate 17" TFT (1280x1024)
Case	Antec P182
Audio Device(s)	Audigy 4 + Creative Inspire T7900 7.1 Speakers
Power Supply	Corsair HX520W
Software	Windows XP Home

System Name	Iam-a-computah
Processor	i9 9900k @5 Ghz
Motherboard	Gigabyte Auros z390x
Cooling	Custom water loop, x2 280 radiators
Memory	16gb Corsair Dominator
Video Card(s)	MSI 1080 TI FE 11gb WC
Storage	SSD: 256gb Samsung 840pro & HHD: WD black 2T
Display(s)	LG 34" UW screen
Case	EVGA DG-86
Audio Device(s)	Creative x-FI
Power Supply	EVGA super NOVA 1300wtt
Keyboard	G710
Software	W 10

System Name	Jimmy 2004's PC
Processor	S754 AMD Athlon64 3200+ @ 2640MHz
Motherboard	ASUS K8N
Cooling	AC Freezer 64 Pro + Zalman VF1000 + 5x120mm Antec TriCool Case Fans
Memory	1GB Kingston PC3200 (2x512MB)
Video Card(s)	Saphire 256MB X800 GTO @ 450MHz/560MHz (Core/Memory)
Storage	500GB Western Digital SATA II + 80GB Maxtor DiamondMax SATA
Display(s)	Digimate 17" TFT (1280x1024)
Case	Antec P182
Audio Device(s)	Audigy 4 + Creative Inspire T7900 7.1 Speakers
Power Supply	Corsair HX520W
Software	Windows XP Home

BlackAngel.B worm spreading via Microsoft's MSN Messenger

D_o_S

Moderator

yaxpak

New Member

warup89

Jimmy 2004

New Member

warup89

Jimmy 2004

New Member

BigD6997

New Member

sinner33

New Member

xylomn

G.T

New Member

warup89

Polaris573

Senior Moderator

G.T

New Member

BigD6997

New Member

tofu

New Member

Processor	e8400 @ 4ghz 1.344v
Motherboard	EVGA 780i
Cooling	Thermalright Ultra-Ex lapped
Memory	OCZ Reaper HPC 2GB (3-5-5-17) @ 450mhz
Video Card(s)	8800gts
Storage	200G WD
Display(s)	23in samsung lcd hdtv
Case	stacker 831
Power Supply	OCZ stealthxstrem 600watt
Software	Xp-Pro

System Name	Pencil Pusher (Because I built it to surf the net)
Processor	Intel X4 Quadcore Kentsfield @3.0Ghz @1.325V
Motherboard	Gigabyte X38-DQ6
Cooling	Zalman CNPS9500LED/Arctic Cooling MX-2 Paste
Memory	2x 2GB OCZ Reaper HPC 5,5,5,18 @ DDR2 1066
Video Card(s)	Sapphire 3870x2 @825/1900
Storage	500GB Hitachi
Display(s)	LG 24" LCD
Case	Silverstone Lascala LC-17
Audio Device(s)	DENON AVR-2808 RECEIVER W/ KLIPSCH SYSTEM/ ASUS XONAR D2 SOUND CARD
Power Supply	Seasonic M12 700 WATT PSU
Software	Windows Vista Premium 64Bit
Benchmark Scores	20000 3dMark06

Processor	AMD Ryzen 5900X
Motherboard	MSI MAG B550M Mortar WiFi
Cooling	Corsair H100i RGB Platinum SE 240mm
Memory	32GB Corsair Dominator Platinum RGB 3600MHz
Video Card(s)	Sapphire Vega 64 8GB
Storage	Sabrent Rocket 4.0 1TB / ADATA SX8200 Pro 1TB / Crucial MX500 1TB
Display(s)	Dell U2715
Case	Corsair 280X
Power Supply	Corsair RM850x
Mouse	Razer DeathAdder Chroma
Keyboard	Ducky One2 Horizon
Software	Windows 10 Professional
Benchmark Scores	Cinemark r23 Multicore: 22280

Processor	3.20E GHz P4 Prescott
Motherboard	Asus P4P800-E Deluxe
Cooling	Zalman (CNPS7000B-CU) Super Flower Cooler + Ultracool II fan controller
Memory	2 Gig Mushkin HP 3200
Video Card(s)	Leadtek A6600GT TDH
Storage	2 x WD 10k 74GB Raptors in RAID 0 (OS), 2 x WD 80GB SATA RAID 0, 1 X Maxtor 250GB ATA (Media, music)
Display(s)	Samsung 19" TFT SyncMaster 913N
Case	Antec Plusview Iii (Modded front) 1000AMG SOHO File Server - 5X Antec UV reactive fans - 2xUV tubes
Audio Device(s)	Creative X-FI Fatal1ty FPS running through Creative Inspire 6.1 6700 speakers
Power Supply	Hiper Type-R 580w Blue with UV cables
Software	XP pro (Legit) & shitloads that isn't >:] /serial Brycer and FraxFlamer :)

Processor	LGA 775 Intel Q9550 2.8 Ghz
Motherboard	MSI P7N Diamond - 780i Chipset
Cooling	Arctic Freezer
Memory	6GB G.Skill DDRII 800 4-4-3-5
Video Card(s)	Sapphire HD 7850 2 GB PCI-E
Storage	1 TB Seagate 32MB Cache, 250 GB Seagate 16MB Cache
Display(s)	Acer X203w
Case	Coolermaster Centurion 5
Audio Device(s)	Creative Sound Blaster X-Fi Xtreme Music
Power Supply	OCZ StealthXStream 600 Watt
Software	Windows 7 Ultimate x64

System Name	Dinosaur
Processor	939 Athlon X2 4200+ @ 2.64GHz
Motherboard	Sapphire RD580
Cooling	OCZ HDT-S1284
Memory	Corsair XMS 2x1GB CE-6 DDR480 2.5-3-2-8
Video Card(s)	Zotac GTS 450 1GB 850/1700/1850
Storage	OCZ Vertex 2 60GB + Hitachi 320GB + Seagate 1TB
Display(s)	2x Samsung 740B 17" LCD
Case	Antec 300
Audio Device(s)	ALC880
Power Supply	Antec Truepower New 650
Software	W7 Pro X64