A new worm that targets users of America Online’s AOL Instant Messenger is believed to be the first that actually chats with the intended victim to dupe the target into activating a malicious payload, IM security vendor IMlogic warned Tuesday.
According to IMlogic, the worm, dubbed IM.Myspace04.AIM, has arrived in instant messages that state: “lol thats cool” and included a URL to a malicious file “clarissa17.pif.” When unsuspecting users have responded, perhaps asking if the attachment contained a virus, the worm has replied: “lol no its not its a virus”, IMlogic said.
The malicious file disables security software, installs a backdoor and tweaks system files, the company said. Then it starts sending itself to contacts on the victim’s buddy list. ”
Here is some more Tech News from around the web:
- Intel aims for faster, cooler transistors @ CNET
- Internet Explorer 7 to see early 2006 public beta @ Ars Technica
- Sun makes Niagara an open-source chip @ CNET
- AMD Dual-Core Challenge – Intel No Show! @ HardwareZone
- Xbox 360, only 13GB Available Diskspace @ DataFuse.net
- Still time to Enter for an XFX 7800GT @ Bjorn3D
- Pocket Linux server showdown @ Ars Technica
- Holiday Gaming Gear Guide @ Designtechnica
- Eliminate Hum @ eCoustics
- You can buy the rights to Mortal Kombat @ The Inquirer
Source: CNet News.com
It’s not very sophisticated … yet … but it is totally automated. CNet reports on a worm that IM’s in chatrooms, with at least a couple of phrases, and then links to a virus. Maybe it isn’t going to outsmart too many people, but if you have kids you might want to reinforce the whole “attachments from people you don’t know’ thing, and who knows what the worm will be like in a few generations.