October 28th, 2005, 09:08 PM #1
Adwhores take AIM
Seems like the networks need to distance themselves from these Adwhore BHOs bundling with Worm Viruses, Zombie DDoS Botnets, e-mail spam machine. Nice bundle includes the usual rogue BHO and searchbar hijackers all monetized by merchants indirectly doing business with them all.
GREAT article http://www.facetime.com/pr/pr051028.aspx
..."Foster City, CALIF – October 28, 2005 - FaceTime Security Labs identified and reported a new threat being propagated through the AOL Instant Messenger (AIM) network. The worm is being passed through instant messages from members on a user’s Buddy List and within AOL chat rooms. FaceTime researchers confirmed today that the W32/Sdbot-ADD - identified previously by including an adware bundle – also includes the lockx.exe rootkit file. The executable provides an attacker with the capability to upload, download and monitor the infected host. Furthermore, the executable attempts to shut down anti-virus programs and leaves a backdoor on the host PC to install additional software.
Who is affected: All AIM PC users are at risk by new IM exploit.
Description: New IM exploit launched through AIM, that:
Adds a lockx.exe rootkit that connects to an IRC server, awaiting remote commands from an attacker. Rootkits may be used by an intruder after cracking a computer system and often hide logins, processes, files, and logs. It may include software to intercept data from terminals, network connections, and the keyboard.
Acts as a vector for additional adware, worms and viruses
Changes a viewer’s original search page to http://www .eza1netsearch.com/ sp2.php
Often increases the CPU usage to 100 percent after the malware is installed
Downloads other applications, including 180Solutions, Zango, the Freepod Toolbar, MaxSearch, Media Gateway, and SearchMiracle
FaceTime Enterprise Edition and IMAuditor customers can proactively block these malicious threats and prevent infections before they happen by blocking downloads of the specific executable files associated with the threat. For more information, visit FaceTime Security Labs’ reference site at http://www.facetime.com/securitylabs/imp2pthreats.aspx"
Webmaster's... Mike and Charlie
"What have you done today to put real value into a referral click...from a shoppers viewpoint!"
October 28th, 2005, 11:21 PM #2
Oh great . . . now we've got freakin zombies to worry about. Glad I don't use AIM
October 29th, 2005, 02:21 AM #3
IM is a popular attack mechanism for viruses and worms - PIF files are a common one, because they are so rare and most people don't realise that they are executable. Antivirus software also has difficulty with IM clients.
Personally, I believe that the safest thing to do is NOT use any kind of IM client. It's just another piece of software to remember to keep up to date, and is just another potential door into your system.