27 February 2007 Blog Home : February 2007 : Permalink
In my case the chat message allegedly came from a friend and had a vaguely plausible subject, however it was clearly not genuine becuase the link was odd and becuase the user immediately left the chat session after sending the link. An example that I received this morning is:
[10:05:37] XXXX says:
Check up this:
http://24243.psadionkderunhdetionkdase.com/7/7849[10:05:40] XXXX left this chat
Needless to say you should not even think about following the link which downloads either an .exe or .pif file that presumably includes the rootkit.