Bofra worm vulnerability in IE
A new family of worms that uses an unpatched vulnerability in Internet Explorer is spreading widely across the net. Bofra-A poses as photos from an adult webcam in an attempt to fool users into clicking on a link. Clicking on the link causes the targeted PC to run malicious script hosted on a previously infected computer. This exploits the discovered IFRAME vulnerability in IE in an attempt to infect the target computer. Once the system is infected, the worm sets up a web server listening on a TCP port in the range 1600-1700. Infected PCs establish an IRC session on TCP port 6667 with a variety of public IRC servers, allowing hackers to control compromised machines. The worm also harvests email addresses to further its propagation. Unlike standard bulk-mailing worms, Bofra does not send copies of itself within infected email but rather an HTTP link that points to the host that sent the infected email.
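The network behaviour described above (a web server on a TCP port in 1600-1700 plus an outbound IRC session on TCP port 6667) can be checked against connection logs. The following is an added example, not part of the original article; the flow-record layout (one line per connection, initiator first), the internal range 10.0.0.0/8 and the sample records are assumptions constructed for illustration.

```python
import csv
import io
from collections import defaultdict
from ipaddress import ip_address, ip_network

# Assumptions (not from the article): internal range and flow-record layout.
INTERNAL = ip_network("10.0.0.0/8")
BOFRA_HTTP_PORTS = range(1600, 1701)  # worm's web server port range, per the article
IRC_PORT = 6667                       # IRC session port, per the article

# Constructed sample records: time,proto,src,src_port,dst,dst_port
SAMPLE_FLOWS = """\
00:00:01,tcp,10.0.0.7,1045,198.51.100.9,6667
00:00:05,tcp,10.0.0.12,1099,10.0.0.7,1639
00:01:10,tcp,10.0.0.12,1101,203.0.113.5,6667
00:02:00,tcp,10.0.0.30,1200,192.0.2.80,80
00:03:00,udp,10.0.0.30,1600,192.0.2.53,53
00:04:00,tcp,10.0.0.44,1300,198.51.100.9,6667
"""

def classify_hosts(flow_text):
    """Return {internal_ip: sorted list of Bofra-like behaviours seen}."""
    seen = defaultdict(set)
    for row in csv.reader(io.StringIO(flow_text)):
        if len(row) != 6 or row[1].lower() != "tcp":
            continue  # skip malformed rows and non-TCP traffic
        _, _, src, _, dst, dport = row
        try:
            src_ip, dst_ip, dport = ip_address(src), ip_address(dst), int(dport)
        except ValueError:
            continue  # skip rows with unparsable addresses or ports
        if dport in BOFRA_HTTP_PORTS:
            if dst_ip in INTERNAL:
                seen[dst].add("serves_1600_1700")        # accepts connections like the worm's web server
            if src_ip in INTERNAL:
                seen[src].add("fetched_from_1600_1700")  # followed a link to such a server
        if dport == IRC_PORT and src_ip in INTERNAL and dst_ip not in INTERNAL:
            seen[src].add("irc_6667_outbound")           # IRC session to an external server
    return {host: sorted(tags) for host, tags in seen.items()}

def likely_infected(flow_text):
    """Hosts showing both the listener and the IRC session the article describes."""
    need = {"serves_1600_1700", "irc_6667_outbound"}
    return sorted(h for h, t in classify_hosts(flow_text).items() if need <= set(t))

if __name__ == "__main__":
    for host, tags in sorted(classify_hosts(SAMPLE_FLOWS).items()):
        print(host, tags)
    print("likely infected:", likely_infected(SAMPLE_FLOWS))
```

A host that only fetched from a 1600-1700 port, or only uses IRC, is a lead for follow-up rather than a confirmed infection; legitimate IRC clients also connect to port 6667.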

