By Joris Evers
Staff Writer, CNET News.com
June 15, 2005

A new worm spread quickly on America Online's AIM instant messaging
service Wednesday afternoon but was contained within hours, experts

The worm spread in instant messages with the text: "LOL LOOK AT HIM"
and included a Web link to a file called "picture.pif." If that file
was downloaded and opened, the worm would send itself to all contacts
on the victim's AIM Buddy List, according to representatives from IM
security companies Facetime and IMlogic.

With earlier, similar worms, downloading and opening a file would also
install a backdoor or other malicious code on the victim's PC, said
Jonathan Christensen, chief technology officer at Facetime. It's not
yet known if this latest worm does that. Both IMlogic and Facetime
were investigating the picture.pif file Wednesday afternoon.

The worm first appeared around 12 p.m. PDT and appears to have spread
quickly until about 1:30 p.m., Christensen said. At that time, AOL
likely put a filter on its AIM service, blocking the worm's spread, he
said. Also, not much later, the malicious code was removed from the

"We are either currently blocking it, or we will be in the very near
future," said Andrew Weinstein, an AOL spokesman.

Facetime and IMlogic received several inquiries on the worm, signaling
that it was widespread. The worm hit employees at Hewlett-Packard and
prompted tech support at the Palo Alto, Calif., technology giant to
send out an alert to employees.

IMlogic has identified the worm as a variant of the Opanki worm, which
first surfaced last month. The new variant has been rated a "medium"

The worm is the latest in an increasing number of cyberthreats that
use instant messaging to attack Internet users. Just as with
attachments and links in e-mail, instant message users should be
careful when clicking on links that arrive in instant messages--even
messages from people they know, experts have warned.