A few minutes ago, I was invited to a Chatroom made by Officer_Raynolds.
Results below:
-----------------
[SAS]_Cpl_DUKE (duke72germany): good evening guys
U.S. Army Soldier (sergeant75): hey
[FMJ]_Sgt_Outlaw (sgtoutlaw): hey
U.S. Army Soldier (sergeant75): ok this is about a virus going around on xfire
[SAS]_Cpl_DUKE (duke72germany): aha
U.S. Army Soldier (sergeant75): if some 1 called bloodshot wants to add u dont its a virus
U.S. Army Soldier (sergeant75): it will infect all ur friends on xfire
[SAS]_Cpl_DUKE (duke72germany): and what about others who accepted it? So my account is already infected?
U.S. Army Soldier (sergeant75): i dont have the original message so i dont remember everything
)BIA(Delmarsponger (sdsniper): what's going on
U.S. Army Soldier (sergeant75): its about a virus
U.S. Army Soldier (sergeant75): going around on xfire
)BIA(Delmarsponger (sdsniper): um
)BIA(Delmarsponger (sdsniper): ok
U.S. Army Soldier (sergeant75): if some 1 wants to add u as a frind called bloodshot dont add its a virus
)BIA(Delmarsponger (sdsniper): well, it might be just me, but I only add people I know
U.S. Army Soldier (sergeant75): duke i got the messge yesterday do the same start a chat room and tell all
[SAS]_Cpl_DUKE (duke72germany): thx for the update - i am going to post this in the [SAS]-Forum right now...
U.S. Army Soldier (sergeant75): twell just incase i do the same thing sd sniper
U.S. Army Soldier (sergeant75): ok duke
)BIA(Delmarsponger (sdsniper): ok
[SAS]_Cpl_DUKE (duke72germany): so long and thank you
DUKE, Germany
"What's the plan?
Track'em, find'em, kill'em!"
Good heads-up. Has anyone notified xfire??
SAS_Vet_Random
Lt. Col (Retired)
22nd [SAS] Elite Virtual Regiment
There is often virus alerts in xfire forums, but they seems to be fake... if I dont remember wrong.
secunia advisory advises of nothing exploitable within xfire
Lt_Col WIZ, VC, MiD (Ret)
Either way.. You wont get a virus with just adding a person on xfire.
If that person sends you a link called "www.ifyouclickthislinkyoureanidiot.org" on the other hand, then you should be careful.
This reminds me of one that went around a year or two ago, fake as can be probably -- one that hit before was same story, diff username, worse virus description.
Although no code is 100% full proof, especially if you are running directly under an account with administrator priv.
Few things... How can adding a friend on XFire give you a virus?
and Occifer_Raynolds' msg shows great similarities with chain mail... They keep coming up with new ways... ROTFL
-Picture from 'True Lies'
It seems you got there something wrong, ToiletMaker
Please don't blame a guy who just wanted to help...
DUKE, Germany
"What's the plan?
Track'em, find'em, kill'em!"
Considering that we can't read the code that is executed -- it could do almost any thing, even install a keylogger that reports to XFires servers.
It is all a matter of "trust" that XFire offers no known security risks when they make a release, and that there are no crackers out there who know ones the XFire devs don't know yet.
If XFire is as I would expect it to be internally, I wouldn't want to read the code lol.
If you want to be paranoid, use Pidgin and the GFire plugin instead of XFires client so XFire specific problems are avoided when you add'em or just refuse the add me request if that user account sends one to you.
Simple lol.