Home › Forums › Archives › Site News & Announcements › Instant Messaging News › AIM News › AIM Worm Plays Nasty New Trick
- This topic has 0 replies, 1 voice, and was last updated 18 years, 6 months ago by Jeff Hester.
-
AuthorPosts
-
October 31, 2005 at 4:34 pm #20508Jeff HesterKeymaster
By Joris Evers, CNET News.com
A worm found spreading via America Online’s Instant Messenger is carrying a nastier punch than usual, a security company has warned.
The unnamed worm delivers a cocktail of unwanted software, including a so-called rootkit, security experts at FaceTime Communications said Friday. A rootkit is a tool designed to go undetected by the security software used to lock down control of a computer after an initial hack.“A very nasty bundle is downloaded to your machine” when you click on the worm link, said Tyler Wells, senior director of engineering at FaceTime. “This is the first time that we have seen a rootkit as part of the bundle of applications that is sent to your machine. It is a disturbing trend.”
IM worm and malicious code attacks are happening more than ever before. The number of threats detected for instant-messaging and peer-to-peer networks rose 3,295 percent in the third quarter of 2005, compared with last year, according to a recent report from security provider IMlogic.
In addition to the “lockx.exe” rootkit file, the new worm delivers a version of the Sdbot Trojan horse, said FaceTime, which sells products to protect instant-messaging traffic. Sdbot opens a backdoor on the infected PC. The worm also places several spyware and adware applications, including 180Solutions, Zango, the Freepod Toolbar, MaxSearch, Media Gateway and SearchMiracle, the company added.
All that unwanted software can eat up system resources, slowing down the PC, Wells said. Also, the malicious applications will attempt to disable security programs and change the search page on the user’s Web browser, FaceTime said.
The worm was spotted in an AOL IM chatroom and infected one of the PCs that FaceTime uses for worm bait. The company said it also has seen the pest hit other computers. “It is still out there, and it is definitely something the user should be leery of,” Wells said. “The rootkit is designed to not be detected, and that is the scary part.”
Source: CNET News.com
Details: Facetime Threat Detail -
AuthorPosts
- You must be logged in to reply to this topic.