Home › Forums › Archives › Site News & Announcements › Instant Messaging News › AIM News › Trojan Targets AIM
- This topic has 0 replies, 1 voice, and was last updated 19 years, 4 months ago by infoICQ.
-
AuthorPosts
-
May 10, 2005 at 3:03 pm #18268infoICQMember
A Trojan continued to spread Monday among America Online instant messaging clients, and installs its backdoor on the infected PC when trusting users click on a link within the line “Check out this” or “i thought youd wanna see this” from a buddy on their AIM contact list.
Dubbed “Oscarbot” by McAfee and “Doyorg” by Symantec, the Trojan doesn’t spread automatically when users download and run the file linked in the instant message. Instead, it opens a port and listens for instructions on IRC (Internet Relay Channel); the attacker must specifically order each infected machine to start spreading.
It propagates by sending the same message to every buddy in the system’s AOL Instant Messenger client’s address book.
The primary damage down by the Trojan is the backdoor component, which can later be used by the attacker to upload software of his choice to the compromised PC. Such machines are typically added to hackers’ botnets and used as spam proxies or machines to launch denial of service(DoS) attacks. Up-to-date anti-virus software should catch the Trojan — which has been circulating for just over a week — and will delete it on infected systems. Users can best protect themselves by not clicking on links delivered via IM, nor download software from those URLs, even if the message comes from a trusted friend.
Source: CRN.com
-
AuthorPosts
- You must be logged in to reply to this topic.