Star Wars used as hook for phishers
Published: 25 May 2005 09:15 BST
A new worm and a phishing scam are targeting members of the America Online and Yahoo instant-messaging networks, security companies warned on Tuesday.
In both cases, people receive an instant message with an apparent reference to the newly released "Star Wars Episode III: Revenge of the Sith" movie, encouraging them to click on a link, said Jon Sakoda, chief technology officer at IMLogic, an instant messaging security company.
"Both seek to capitalise on momentum and enthusiasm around the 'Star Wars' movie," he said.
In the case of the AOL worm, the text in the instant message is: "hehe, i found this funny movie", and the word "this" is a hyperlink, according to the IMLogic advisory. The Yahoo message references "StarGames" in the link, IMLogic said in its warning.
IMLogic has listed both the Yahoo and AOL issues as "medium" risk threats. McAfee has only had one report of the AOL worm, said Craig Shmugar, virus research manager at the antivirus software vendor.
When an IM user clicks the link in the AOL message, malicious code is downloaded to the user's PC. The code is installed, and the worm sends itself to all of the victim's contacts, Shmugar said. The code, a variant of the Gaobot virus, could give the attacker remote control over the victim's PC, he said.
The link in the Yahoo instant message leads to a site that is designed to look like a real Yahoo Web site, but is in fact part of a phishing scheme — a prevalent type of online fraud that attempts to steal sensitive user information such as user names, passwords and credit card information — to steal login information, Sakoda and Shmugar said. Once at the Web site, the IM user is asked to enter their Yahoo credentials, which appear to then be emailed to a Hotmail email address.
The worm and phishing scam are the latest in an increasing number of cyberthreats that use instant messaging to get to Internet users. Just as with attachments and links in email, instant messaging users should be careful when clicking on links that arrive in instant messages — even messages from people they know, Sakoda said.
People are advised to keep their antivirus software up to date. McAfee will update its antivirus software on Wednesday to detect this latest Gaobot variant, Shmugar said. Current McAfee products may catch the malicious software via their intrusion detection capabilities, he said.
Did you find this article useful?
38 out of 77 people found this useful
- Share this article:
