'Leaked' Windows Live Messenger Really A Trojan

The message, which refers to an alternate name for the upcoming Live Messenger, also sports a link. Users who click on the link, then download and run the executable, are in reality installing the Virkel.f Trojan.

Virkel.f adds the compromised machine to a botnet, from which the hacker can update the Trojan with additional malicious code, to make the PC into a spam zombie or along with others, launch a denial-of-service (DoS) attack on Web sites. Virkel.f also shuts down anti-virus and security software, and blocks access to sites that belong to security vendors.

This bot worm spreads by hijacking IM contact names from an infected computer, then spimming those names with new messages about the "leaked" client.

Live Messenger, which is being tested by a limited number of users, recently made news when some began selling invitations to the beta test on eBay.