a new worm is out there. don't bother scanning your inbox, don't update your antivirus definitions (you do update them, right?). this one comes hidden as a URL from your best friend over ICQ.
techweb reports on the new worm, describing its payload's ability to log keystrokes, search for financial info, etc. by watching keystrokes, secure protocols such as HTTPS are essentially negated, as any passwords that are transmitted safely to your bank are totally in the clear for this trojan which has likely already netted its author a bundle of money.
the worm works by sending you to a site that exploits common browser flaws to install a program (the trojan) onto your machine. that program then sends messages to all your ICQ buddies with the bad URL and the process continues.
the trojan-feeding site for this particular strain is down now, so you can relax a little. but not much. as Ken Dunham is quoted in the article: “All ICQ and instant messaging users should be careful to avoid hyperlinks sent to them by others ... It's very likely that similar attacks will be launched in 2004 through such mediums.”
so be sure to stop communicating with your friends entirely this year, that way you'll be safe. maybe.