Pipeline Worm Floods AIM with Botnet Drones
- This topic has 1 reply, 2 voices, and was last updated 17 years, 7 months ago by Jon8RFC.
September 19, 2006 at 1:55 pm #24992 Jeff Hester (Keymaster)
Proactive research on security threats is the key to catching hidden threats before they can collect confidential data, deliver adware, or take down a network. When researchers grab a threat, it’s usually been doing the rounds for some time. Here, we’ve caught them early in the act of assembling what looks like a very sophisticated operation – in fact, we’ve caught it so early that many of the domains called by the first infection file aren’t hosting infectious files yet.
How does this infection start off? As always, it begins with a seemingly innocent web address passed to you via Instant Messaging. Click the link and allow the file to execute and your day will quickly go bad…
Read more at The SpywareGuide Greynets Blog
Here are the basics
This nasty worm begins, as most do, as a seemingly innocent request designed to trick you into clicking a link in an AIM message. The two identified by Facetime include:
“hey is it alright if i upload this picture of you to my blog?” and
“hey is it alright if i put this picture of you on my egallery album?”
Both are linked to nasty stuff. And so, repeat after me “I will not click on links I get via IM…”
The thing is, if you get a message like this from a friend in your buddy list, you feel it’s “safe” to click. The bad guys who wrote this nasty know this. That’s why they use AIM to send out their worm. Once a friend is infected, their AIM program will send out messages to people on their contact list without their knowledge. So you may get that message from a friend, but they didn’t knowingly send it.
So always, always, check before you click that link. When I get a link from someone–even a friend–I ask them what it is first. If they respond with something like “what are you talking about?” then you know they didn’t send it to you, and you can break the bad news to them: they’ve been infected.
September 20, 2006 at 12:19 am #152481