As most of us know and a lot of people don't want to know: the popular IRC client named mIRC has a lot of vulnerabilities. Here's an overview of the latest threats and how to avoid them:

- The most recent threat is the //decode exploit. In short someone messages you asking to copy paste some line to get ops in some channel. First of all, you won't get ops if you copy/paste it. What you do get is a malicious script which spams the same lines via your client. The best way to avoid it is to ignore the message alltogether and notify an operator. Do not copy/paste in channel, just msg us in private.
- The second popular way to spread virusses, worms and trojans is via .jpg files, like the now famous NESTEA.JPG. Best way to avoid is by not visiting sites other people give you, or accept DCC filetransfers of unknown people. For removal and information about this backdoor/worm, visit http://www.pestpatrol.com/pestinfo/w/w32_spybot_worm.asp#Detection%20and%20Removal.
- Make sure that if you use mIRC, you always have the latest version. Older versions often have a vulnerability which makes your client crash if another user sends you a specific DCC line. If your mIRC randomly crashes and you don't know why, try to upgrade your mIRC.
- Last but not least, never, ever open sites offered to you by unknown people via private messages. A lot of virusses are being caught via the world wide web so be on your guard. Installing Firefox reduces the risk of getting a virus via the web, but doesn't eliminate it. Make sure you have a good firewall and anti-virus programs running alongside any browser you use. If you do not own an anti-virus program, visit http://housecall.trendmicro.com/housecall/start_corp.asp for a free online scan.

That's about it! Happy chatting!
 
 
Post a comment
Please login for posting a comment on this news item.