Advertisement
Promo

Security threats Toolkit

IM worms step up a gear

Joris Evers CNET News

Published: 07 Dec 2005 09:45 GMT

  • Email
  • Trackback
  • Clip Link
  • Print friendly
  • Post Comment

A new worm that targets users of America Online's AOL Instant Messenger is believed to be the first that actually chats with the intended victim to dupe the target into activating a malicious payload, IM security vendor IMlogic warned Tuesday.

According to IMlogic, the worm, dubbed IM.Myspace04.AIM, has arrived in instant messages that state: "lol thats cool[sic]" and included a URL to a malicious file "clarissa17.pif". When unsuspecting users have responded, perhaps asking if the attachment contained a virus, the worm has replied: "lol no its not its a virus [sic]", IMlogic said.

The malicious file disables security software, installs a backdoor and tweaks system files, the company said. Then it starts sending itself to contacts on the victim's buddy list.

But the worm is programmed so that the infected user cannot see the messages that are being sent out by the worm, according to IMlogic.

"This is a first," said Andrew Burton, director of product management at IMlogic. This worm is not widespread, but attackers are just trying out this new technique, he said. "We will see one or two instances of an attack, there will be a refinement and then there will be an outbreak."

The inclusion of an IM bot is another sign that IM worms are becoming more sophisticated. Another worm, also spotted on Tuesday, takes a more traditional route: it spreads under the guise of a holiday greeting card, IM security specialist Akonix Systems said on Tuesday.

The holiday worm, dubbed Aimdes.E, targets AIM users and arrives with the message: "The user has sent you a Greeting Card, to open it visit:" followed by a link. Once the target clicks on the link, the worm installs itself on the system. It opens a backdoor on the computer and sends itself to contacts on the buddy list, Akonix said.

Advice to users is to be careful when clicking on links in IM messages — even when they seem to come from friends — and to use up-to-date antivirus software. When receiving a link in an instant message, the best practice is to verify with the sender if the link was sent intentionally or not.

  • Email
  • Trackback
  • Clip Link
  • Print friendlyPrint with EPSON

Did you find this article useful?
68 out of 112 people found this useful


In association with HP

Talkback

Post a comment


Full Talkback thread

0 comments

Related Links

More In Security threats


Company/Topic Alerts

Create a new alert from the list below:






Related BlackBerry Resources

Protecting the BlackBerry Device Platform Against Malware

BlackBerry Devices with Bluetooth - Security Overview

BlackBerry Enterprise Server IT Policy

BlackBerry Enterprise Solution - Security Technical Overview

BlackBerry Enterprise Solution and RSA SecurID

CIO's Guide to Mobile Security

See All White Papers

Video icon

Video

Sentry Posts Blog

McKinnon lawyers seek judicial review

Lawyers seeking a judicial review for Nasa hacker Gary McKinnon lodged fresh evidence of his psychiatric state at the High Court on Thursday. Karen Todner, McKinnon's solicitor,... More

1 comment

Beware of keeping your head in the clo...

Information security professionals can look forward to a deepening appreciation for their skills as security continues to be recognised as an essential element for doing business in... More

1 comment

Civil liberties groups attack file-sha...

Civil liberties and digital rights organisations have strongly criticised Lord Mandelson's Digital Economy Bill. Liberty said in a position paper on Tuesday that the bill, part of... More

Post a comment


Skip Sub Navigation Links to CNET Brand Links

Help

Become part of the ZDNet community.

ALL TOOLKITS

Blogs

Newsletters