AIM worm



Strange AIM worm going around. It apparently includes an interesting combination of rootkits, a rootkit detector, spyware/adware, and a specialized bittorrent client. The machines can then be controlled through IRC. Source seems to be the Middle East…

IM hackers then control a global botnet where their infections can be tested and payloads are pushed. Facetime traced these hackers to the Middle East.
The same IM hackers sent movies by way of IRC and their own version of BitTorrent, installing it without consent. Now the IM hackers are back with more, nastier malware, Rootkit Revealer and adware from 180solutions/Zango.


According to the Sunbeltblog it the tease come-on for AIM is the following:

The worm lures victims through the following AOL Instant Messenger with the following messages:
“great picture :) http://www.picteurestrail.net/Mastermon/XXXXXX.JPG”, or

“not a right time to take a picture haa :-) http://www.picteurestrail.net/Mastermon/XXXXXX.JPG”

“not a right time to take a picture haa :-) http://www.pictrail.net/Matelord/XXXXXX.JPG”

“not a right time to take a picture haa :-) http://www.picstrailx.net/Mateslord/XXXXXX.JPG”

Be suspicious of links.

Related Posts

Blog Traffic Exchange Related Posts
  • Being cautious on the web... Incidents.org is reporting on the defacement of a security related web site (winsnort.com). They say they usually decline to comment on those because the attention is what the defacers thrive on. However, it does pay to keep your browser updated and antivirus current. What's more.... Several days ago there was......
  • AIM worm in the wild There was an article in the last few days about Instant messengers being a tempting new vector for viral infections... Well.... Incidents.org has information on a new AIM worm seen in the wild. It doesn't travel via a security hole, but uses the good old standby of social engineering to......
  • Top 10 spyware tricks of 2005 You can tell we're in the last 10-12 days of the year when we start seeing all sorts of year end retrospectives, year's in review, countdowns of the top ___ of ___year ending___. Well, spyware has seen a banner year in many respects and Suzi at Spyware Confidential has a......
Blog Traffic Exchange Related Websites
  • Make Blogging Work for Your Business pt 2 Are you ready to make blogging work for your business? If you already know the benefits associated with corporate blogging, then the next step is to put these concepts to work by creating your own corporate blog and sharing your company with the world. This is part 2 in a......
  • Market Characterization of Global Respiratory Therapeutics Market The Future of Respiratory Diseases Therapeutics - Market Forecasts to 2015, Competitive Benchmarking, Product Pipeline and Deals Analysis Summary “The Future of Respiratory Diseases Therapeutics - Market Forecasts to 2015, Competitive Benchmarking, Product Pipeline and Deals Analysis.” The report provides in-depth analysis of unmet needs, drivers and barriers that impact......
  • My Lessons on Buying a Car. This post was originally written at the start of 2009, but has been lost on my PC until now, so I thought I'd share with you now. My wife and I just bought a new minivan, and I thought I'd share some of the lessons I learned along the way.......
www.pdf24.org    Send article as PDF   

Similar Posts


See what happened this day in history from either BBC Wikipedia
Search:
Keywords:
Amazon Logo

One Response to “AIM worm”

  1. Spyware Informer Says:


    M Hackers Give Away Spyware and More…

    Chris Boyd (aka Paperghost) talks more about it on Vitalsecurity and explains that the worm not only installs a number of rootkits, but also a rootkit remover (the screenshot is from his blog). The said rootkit remover is called Rootkit Revealer. Thi…


Switch to our mobile site