New IM worm chats with intended victims

Virusi, troieni, antivirusi, vulnerabilitati, inchidere de porturi, firewalls, configurare daemons, updates, etc.

New IM worm chats with intended victims

[ #22366 ] Postby edwards on Wed Dec 07, 2005 9:02 am

You can now instant message with a worm.

A new worm that targets users of America Online's AOL Instant Messenger is believed to be the first that actually chats with the intended victim to dupe the target into activating a malicious payload, IM security vendor IMlogic warned Tuesday.

According to IMlogic, the worm, dubbed IM.Myspace04.AIM, has arrived in instant messages that state: "lol thats cool" and included a URL to a malicious file "clarissa17.pif." When unsuspecting users have responded, perhaps asking if the attachment contained a virus, the worm has replied: "lol no its not its a virus", IMlogic said.

The malicious file disables security software, installs a backdoor and tweaks system files, the company said. Then it starts sending itself to contacts on the victim's buddy list.

But the worm is programmed so that the infected user cannot see the messages that are being sent out by the worm, according to IMlogic.

"This is a first," said Andrew Burton, director of product management at Waltham, Mass.-based IMlogic. This worm is not widespread, but attackers are just trying out this new technique, he said. "We will see one or two instances of an attack, there will be a refinement and then there will be an outbreak."

The inclusion of an IM bot is another sign that IM worms are becoming more sophisticated. Another worm, also spotted on Tuesday, takes a more traditional route: it spreads under the guise of a holiday greeting card, IM security specialist Akonix Systems said Tuesday.

The holiday worm, dubbed Aimdes.E, targets AIM users and arrives with the message: "The user has sent you a Greeting Card, to open it visit:" followed by a link. Once the target clicks on the link, the worm installs itself on the system. It opens a backdoor on the computer and sends itself to contacts on the buddy list, Akonix said.

Advice to users is to be careful when clicking on links in IM messages--even when they seem to come from friends--and to use up-to-date antivirus software. When receiving a link in an instant message, the best practice is to verify with the sender if the link was sent intentionally or not.
we rock!
User avatar
edwards
just a user
 
Posts: 1721
Images: 85
Joined: Sun Sep 07, 2003 1:45 pm
Location: flotant, ca nevasta :-)

[ #23503 ] Postby pykko on Sat Dec 31, 2005 10:27 am

sau puteti folosi cel mai bun AV: NOD32 si gata..... :P
User avatar
pykko
 
Posts: 104
Joined: Sat Dec 31, 2005 2:37 am

[ #23513 ] Postby w3bitzu on Sun Jan 01, 2006 2:02 am

in romana n`ai ? ca mi-e lene sa stau sa ma gandesc in engleza :lol:
...::: web :::...
w3bitzu
 
Posts: 694
Images: 16
Joined: Tue Sep 09, 2003 3:42 pm
Location: Atlanta

[ #23528 ] Postby LINUXEL on Mon Jan 02, 2006 2:09 am

Ora potete messaggio istante con una vite senza fine. Una nuova vite senza fine che designa gli utenti come bersaglio del messaggero istante del AOL del America Online si crede essere la prima che realmente chiacchieri con la vittima progettata per dupe l'obiettivo nell'attivazione del carico utile cattivo, IM fornitore martedì avvertito IMlogic di sicurezza. Secondo IMlogic, la vite senza fine, IM.Myspace04.AIM dubbed, è arrivato nei messaggi istanti che dichiarano: "i thats di lol si raffreddano" ed hanno incluso un URL ad una lima cattiva "clarissa17.pif." Quando gli utenti unsuspecting hanno risposto, forse chiedendo se il collegamento contenesse un virus, la vite senza fine ha risposto: "il lol nessun relativo non relativo un virus", IMlogic ha detto. La lima cattiva inabilita il software di sicurezza, installa un backdoor e tweaks le lime di sistema, l'azienda detta. Allora comincia trasmettersi ai contatti sulla lista del compagno della vittima.

sau

Vous pouvez maintenant message instantané avec un ver. On pense qu'un nouveau ver qui vise des utilisateurs du messager instantané d'AOL de America Online est le premier que cause réellement avec la victime prévue pour duper la cible dans activer une charge utile malveillante, IM fournisseur mardi averti par IMlogic de sécurité. Selon IMlogic, le ver, IM.Myspace04.AIM doublé, est arrivé dans les messages instantanés qui énoncent : les "thats de lol se refroidissent" et ont inclus un URL à un dossier malveillant "clarissa17.pif." Quand les utilisateurs confiants ont répondu, peut-être demandant si l'attachement contenait un virus, le ver a répondu : le "lol aucun son non son un virus", IMlogic a indiqué. Le dossier malveillant neutralise le logiciel de sécurité, installe un secret et tord des dossiers de système, la compagnie dite. Alors il commence à s'envoyer aux contacts sur la liste du copain de la victime.


sa-ti mai traduc? :lol: :shock:

(nu am tradus tot textul)
User avatar
LINUXEL
 
Posts: 246
Images: 12
Joined: Sat Dec 25, 2004 5:23 pm
Location: Bucuresti

[ #23532 ] Postby danieLs on Mon Jan 02, 2006 2:52 am

GOOGLE translate RULLEZ sau poate BABELFISH, or whatever...
You always know a little more than they think you do, and a little less than you'd like to.

Image
<\>
_/\_
User avatar
danieLs
Last Man Standing
 
Posts: 553
Images: 25
Joined: Wed Nov 16, 2005 1:25 am
Location: Over The Edge

[ #23533 ] Postby LINUXEL on Mon Jan 02, 2006 2:54 am

nici google nici babefish :roll:
User avatar
LINUXEL
 
Posts: 246
Images: 12
Joined: Sat Dec 25, 2004 5:23 pm
Location: Bucuresti

[ #23535 ] Postby alisee on Mon Jan 02, 2006 4:51 am

nu se intelege nimic in italiana
doar ultima propozitie!!!
alisee
 
Posts: 441
Images: 3
Joined: Mon Sep 15, 2003 12:52 am
Location: Italia Bibbiena

[ #23536 ] Postby LINUXEL on Mon Jan 02, 2006 4:51 am

:oops:
User avatar
LINUXEL
 
Posts: 246
Images: 12
Joined: Sat Dec 25, 2004 5:23 pm
Location: Bucuresti

[ #25498 ] Postby danieLs on Thu Feb 16, 2006 2:53 am

LINUXEL wrote:nici google nici babefish :roll:


La ce ti-e gandu? :P
You always know a little more than they think you do, and a little less than you'd like to.

Image
<\>
_/\_
User avatar
danieLs
Last Man Standing
 
Posts: 553
Images: 25
Joined: Wed Nov 16, 2005 1:25 am
Location: Over The Edge


Return to Securitate

Who is online

Users browsing this forum: No registered users and 1 guest

cron