When Google Talk first came out, many people were excited that they were using the protocol that jabber is built on. There were also disappointments that ALL of the protocol hadn’t been implemented. In fact, the biggest disappointment many had was that a jabber.org instant messenger user could not IM with a gmail.com user. That has all changed…. Google Talk now does “open federation” which basically means IM requests can be passed along from one server to another until it get’s to the server that the IM user is registered with.
Tag: IM
-
AIM worm
Strange AIM worm going around. It apparently includes an interesting combination of rootkits, a rootkit detector, spyware/adware, and a specialized bittorrent client. The machines can then be controlled through IRC. Source seems to be the Middle East…
IM hackers then control a global botnet where their infections can be tested and payloads are pushed. Facetime traced these hackers to the Middle East.
The same IM hackers sent movies by way of IRC and their own version of BitTorrent, installing it without consent. Now the IM hackers are back with more, nastier malware, Rootkit Revealer and adware from 180solutions/Zango. -
Fake MS Messenger 8 beta and other IM warnings…
F-Secure is warning about ads for a “leaked version” of Windows Messenger 8 beta. There is no public beta of this and it is a virus….
If you download and run BETA8WEBINSTALL.EXE from that site, you won’t get a new chat client. Instead, your existing MSN Messenger will start to send download links to everyone in your contact list. It also connects your machine to a botnet server.
-
More on the Santa IM worm
There are a couple of stories out about the Santa IM worm, otherwise known as IM.GiftCom.All. First up Sans has some interesting analysis of it. It appears that it’s being hosted at 69.56.129.67, when run it resolves smtp.girlsontheblock.com to 38.118.133.241 and attempts to open tcp port 53. It renames itself as c:\windows\winrpc.exe and sets up shop as “Windows RPC Services”. They’re saying instead of a worm it should be more accurately termed a bot with replicating capabilities, it is reliant on controls from an outside site. (From their analysis I presume the 69. ip address above?)
-
The Santa Worm
More coverage is being given to the instant messaging worm that poses as a come on for a Santa Claus related site today. The only thing I think that I left out in last nights post was the name of the bug… IM.GiftCom.All On visiting the advertised site a rootkit is installed on the visiting machine.
-
IM worm acts as a come on to a Santa Claus site
According to Information Week, there’s a new IM worm out hitting the MSN, ICQ, Yahoo and AIM networks. It poses as a come on for a Santa Claus site. On visiting the site, users receive an unexpected “present” a rootkit which is hidden.
-
Google Talk update – Instant messenger service already live
I found a post at slashdot that Google Talk is already live. Earlier in the day there was talk (sorry…) that they were using Jabber. It looks like this person has found a way to login with his Gmail address and password and is (using a jabber compatible client) logged in to Google Talk.