Results 1 to 4 of 4
September 20th, 2006, 03:27 PM #1Instant messaging worm builds menacing 'botnet'A computer worms that spreads via instant messaging is being used to build an extensive "botnet" of remote-controlled PCs, a US security firm has warned.
Security experts at US company FaceTime identified the worm as "W32.pipeline" and warned that it spreads via AOL's instant messenger program.
The worm disguises a malicious executable program as a jpeg image, which is attached to an instant message that appears to come from someone on the recipient's AOL "buddy list".
Typically, the picture is accompanied by the message, "hey would it be ok if I upload this picture of you to my blog?" although another similar message may also be used.
If the recipient tries to open the image, the executable installs a program on their PC. This forwards the executable on to other contacts on their buddy list and also enables connections to several remote computers. It then tries to download another program that allows an outsider control the infected machine.
FaceTime's director of malware research Chris Boyd says the goal appears to be creating a huge network of remote-controlled machines, known as a "botnet". As of Thursday, Boyd estimates W32.pipeline had amassed botnet between 1000 and 2000 machines.
Botnets may be used to send out huge quantities of junk e-mail or attack business websites with an avalanche of data, in a so-called distributed "denial-of-service" attack, which may be linked to extortion.
Botnets can also be used to commit "click fraud", which involves ordering the zombie machines to repeatedly click internet advertisements, to generate money for a company's that is paid per click.
"The ultimate goal of the W32.pipeline is to create a sophisticated botnet that can be used for a range of malicious purposes," FaceTime said in a security alert issued on Tuesday.
Boyd and other researchers posted details of the worm, including screenshots and "attack scenarios" to the company's blog – http://blog.spywareguide.com.
They note that the botnet created using the worm, which is controlled via Internet Relay Chat (IRC) servers, is particularly sophisticated and uses a complicated "install chain" to schedule file uploads to infected machines.
Don't look at any pictures via instant messaging!Comments are opinion unless otherwise noted. Remember, pillage first. Then burn. Half of all people in the world have IQs under 100. You best learn to trust ol' SSanf!
September 20th, 2006, 03:33 PM #2
There was something similar awhile back with Yahoo im. I'm not hip to the im thing...Suz~~GearGirl~~
September 20th, 2006, 06:32 PM #3
- Join Date
- May 31st, 2006
- Houston TX
September 21st, 2006, 01:02 AM #4
By OTProf in forum Commission Junction - CJReplies: 5Last Post: June 7th, 2008, 07:32 AM
By guinness618 in forum Midnight Cafe'Replies: 46Last Post: April 29th, 2008, 02:17 PM
By Andy Rodriguez in forum Andy Rodriguez ConsultingReplies: 19Last Post: February 7th, 2004, 06:56 AM
By Dirk Gardner in forum Midnight Cafe'Replies: 14Last Post: February 18th, 2003, 06:00 PM