Guest zerodamage October 31, 2005 Share Guest zerodamage Guests October 31, 2005 http://news.com.com/AIM+worm+plays+nasty+n...ml?tag=nefd.top A worm found spreading via America Online's Instant Messenger is carrying a nastier punch than usual, a security company has warned. The unnamed worm delivers a cocktail of unwanted software, including a so-called rootkit, security experts at FaceTime Communications said Friday. A rootkit is a tool designed to go undetected by the security software used to lock down control of a computer after an initial hack. "A very nasty bundle is downloaded to your machine" when you click on the worm link, said Tyler Wells, senior director of engineering at FaceTime. "This is the first time that we have seen a rootkit as part of the bundle of applications that is sent to your machine. It is a disturbing trend." IM worm and malicious code attacks are happening more than ever before. The number of threats detected for instant-messaging and peer-to-peer networks rose 3,295 percent in the third quarter of 2005, compared with last year, according to a recent report from security provider IMlogic. In addition to the "lockx.exe" rootkit file, the new worm delivers a version of the Sdbot Trojan horse, said FaceTime, which sells products to protect instant-messaging traffic. Sdbot opens a backdoor on the infected PC. The worm also places several spyware and adware applications, including 180Solutions, Zango, the Freepod Toolbar, MaxSearch, Media Gateway and SearchMiracle, the company added. The worm was spotted in an AOL IM chatroom and infected one of the PCs that FaceTime uses for worm bait. The company said it also has seen the pest hit other computers. "It is still out there, and it is definitely something the user should be leery of," Wells said. "The rootkit is designed to not be detected, and that is the scary part." Worms on IM networks can spread rapidly. They appear as a message from a buddy with a link that looks innocent, but in fact points to malicious code somewhere on the Internet. Once the user clicks on the link, malicious code is installed and runs on the computer. The worm then spreads itself by sending messages to all names on the victim's contact list. The advice to users is to be careful when clicking on links in IM messages--even when they seem to come from friends--and to use up-to-date antivirus software. When receiving a link in an instant message, the best practice is to verify with the sender if the link was sent intentionally or not. For those who do not know, Rootkits are the next stage of spyware/adware where the files and processes responsible for the spywar and viruses are hidden. Typical spyware cleaners can not remove them as they can not see them. Ugly stuff. use Trillian. Link to comment Share on other sites More sharing options...
Guest ash- November 6, 2005 Share Guest ash- Guests November 6, 2005 http://news.com.com/AIM+worm+plays+nasty+n...ml?tag=nefd.top A worm found spreading via America Online's Instant Messenger is carrying a nastier punch than usual, a security company has warned. The unnamed worm delivers a cocktail of unwanted software, including a so-called rootkit, security experts at FaceTime Communications said Friday. A rootkit is a tool designed to go undetected by the security software used to lock down control of a computer after an initial hack. "A very nasty bundle is downloaded to your machine" when you click on the worm link, said Tyler Wells, senior director of engineering at FaceTime. "This is the first time that we have seen a rootkit as part of the bundle of applications that is sent to your machine. It is a disturbing trend." IM worm and malicious code attacks are happening more than ever before. The number of threats detected for instant-messaging and peer-to-peer networks rose 3,295 percent in the third quarter of 2005, compared with last year, according to a recent report from security provider IMlogic. In addition to the "lockx.exe" rootkit file, the new worm delivers a version of the Sdbot Trojan horse, said FaceTime, which sells products to protect instant-messaging traffic. Sdbot opens a backdoor on the infected PC. The worm also places several spyware and adware applications, including 180Solutions, Zango, the Freepod Toolbar, MaxSearch, Media Gateway and SearchMiracle, the company added. The worm was spotted in an AOL IM chatroom and infected one of the PCs that FaceTime uses for worm bait. The company said it also has seen the pest hit other computers. "It is still out there, and it is definitely something the user should be leery of," Wells said. "The rootkit is designed to not be detected, and that is the scary part." Worms on IM networks can spread rapidly. They appear as a message from a buddy with a link that looks innocent, but in fact points to malicious code somewhere on the Internet. Once the user clicks on the link, malicious code is installed and runs on the computer. The worm then spreads itself by sending messages to all names on the victim's contact list. The advice to users is to be careful when clicking on links in IM messages--even when they seem to come from friends--and to use up-to-date antivirus software. When receiving a link in an instant message, the best practice is to verify with the sender if the link was sent intentionally or not. For those who do not know, Rootkits are the next stage of spyware/adware where the files and processes responsible for the spywar and viruses are hidden. Typical spyware cleaners can not remove them as they can not see them. Ugly stuff. use Trillian. <{POST_SNAPBACK}> trillian is even worse than AIM. atleast AOL has many many years of bug hunting behind them. if you wanna avoid rootkits, booters and wannabe elite hackers on AOL, just get GAIM. it's so obscure and sucks so bad that no one is gonna bother to hack you through it. Link to comment Share on other sites More sharing options...
Cujo November 6, 2005 Share Cujo Member November 6, 2005 i have no problems with msn. Link to comment Share on other sites More sharing options...
anonymo November 6, 2005 Share anonymo Member November 6, 2005 i have no problems with msn. <{POST_SNAPBACK}> agreed...cept people for some inane reason insist on using AIM... Link to comment Share on other sites More sharing options...
Ice_Berge_00 November 6, 2005 Share Ice_Berge_00 GC Alumni November 6, 2005 why not just be smart about security on your comp and not click links without an explanation from the person that sent you. This worm, like so many others, requires you to click the link to download it. This is nothing new here. Just be smart about what you click before you click it. Link to comment Share on other sites More sharing options...
Cujo November 6, 2005 Share Cujo Member November 6, 2005 anonymo, it's cause half of the usa got aol as their first internet. there are very few canadians but it's like god down south. ice, that's definately true. it's so obvious when you get stuff that's bad cause it's not at all how that person usually types. Link to comment Share on other sites More sharing options...
Acid-Flux November 6, 2005 Share Acid-Flux Member November 6, 2005 GAIM sucks? wow, first time anyone has ever said that. Ive been using it for 5+ years now and havnt had a single problem Link to comment Share on other sites More sharing options...
Guest ash- November 6, 2005 Share Guest ash- Guests November 6, 2005 GAIM sucks? wow, first time anyone has ever said that. Ive been using it for 5+ years now and havnt had a single problem <{POST_SNAPBACK}> it sucks mainly because it is lacking so many features that come standard with many other clients. it's great for security on windows since it is such an obscure client and most wannabe hax0rs are busy trying to exploit the more well known clients. i like it when idiots try to run their booter programs on me and all i see "lamer31232: <snd=\con\con>" etc. Link to comment Share on other sites More sharing options...
stutters November 6, 2005 Share stutters GC Alumni November 6, 2005 gaim has been ported to windows? trillian > aim Link to comment Share on other sites More sharing options...
Guest ash- November 6, 2005 Share Guest ash- Guests November 6, 2005 gaim has been ported to windows? trillian > aim <{POST_SNAPBACK}> http://gaim.sourceforge.net/win32/index.php yep, it's been out for a long while now Link to comment Share on other sites More sharing options...
anonymo November 7, 2005 Share anonymo Member November 7, 2005 anonymo, it's cause half of the usa got aol as their first internet. there are very few canadians but it's like god down south. <{POST_SNAPBACK}> I know...still doesn't explain why everyone still uses it...I told myself I wouldn't get started... Link to comment Share on other sites More sharing options...
Recommended Posts
Create an account or sign in to comment
You need to be a member in order to leave a comment
Create an account
Sign up for a new account in our community. It's easy!
Register a new accountSign in
Already have an account? Sign in here.
Sign In Now