AIM worm

Strange AIM worm going around. It apparently includes an interesting combination of rootkits, a rootkit detector, spyware/adware, and a specialized bittorrent client. The machines can then be controlled through IRC. Source seems to be the Middle East…

IM hackers then control a global botnet where their infections can be tested and payloads are pushed. Facetime traced these hackers to the Middle East.
The same IM hackers sent movies by way of IRC and their own version of BitTorrent, installing it without consent. Now the IM hackers are back with more, nastier malware, Rootkit Revealer and adware from 180solutions/Zango.

According to the Sunbeltblog it the tease come-on for AIM is the following:

The worm lures victims through the following AOL Instant Messenger with the following messages:
“great picture :)”, or

“not a right time to take a picture haa :-)”

“not a right time to take a picture haa :-)”

“not a right time to take a picture haa :-)”

Be suspicious of links.

Related Posts

Blog Traffic Exchange Related Posts
  • More on the Santa IM worm There are a couple of stories out about the Santa IM worm, otherwise known as IM.GiftCom.All. First up Sans has some interesting analysis of it. It appears that it's being hosted at, when run it resolves to and attempts to open tcp port 53. It renames itself......
  • Being cautious on the web... is reporting on the defacement of a security related web site ( They say they usually decline to comment on those because the attention is what the defacers thrive on. However, it does pay to keep your browser updated and antivirus current. What's more.... Several days ago there was......
  • AIM worm in the wild There was an article in the last few days about Instant messengers being a tempting new vector for viral infections... Well.... has information on a new AIM worm seen in the wild. It doesn't travel via a security hole, but uses the good old standby of social engineering to......
Blog Traffic Exchange Related Websites
  • The Downsides of Free Blogging Platforms for Corporate Blogging (Blogger, etc... focus on how posts may be deleted forever without warning, lack of professionalism, etc...) In a lot of different instances when it comes to blogging, making use of a free blogging platform can really come in handy. If you are writing a personal blog or a blog that......
  • Make Blogging Work for Your Business pt 2 Are you ready to make blogging work for your business? If you already know the benefits associated with corporate blogging, then the next step is to put these concepts to work by creating your own corporate blog and sharing your company with the world. This is part 2 in a......
  • My Lessons on Buying a Car. This post was originally written at the start of 2009, but has been lost on my PC until now, so I thought I'd share with you now. My wife and I just bought a new minivan, and I thought I'd share some of the lessons I learned along the way.......
PDF24    Send article as PDF   

Similar Posts

See what happened this day in history from either BBC Wikipedia
Amazon Logo

One Response to “AIM worm”

  1. Spyware Informer Says:

    M Hackers Give Away Spyware and More…

    Chris Boyd (aka Paperghost) talks more about it on Vitalsecurity and explains that the worm not only installs a number of rootkits, but also a rootkit remover (the screenshot is from his blog). The said rootkit remover is called Rootkit Revealer. Thi…

Switch to our mobile site