AIM Needs A Wormer
John Stith Staff Writer
2005-10-31
AOL's instant messenger network known as AIM is under assault from the nasty W32/Sdbot-ADD worm. The little bugger is passed through instant messages from members on a user's buddy list and within chat rooms.
The worm originally included an adware bundle and the lockx.exe rootkit file. The executable provides attackers access to one's computer and gives them the ability to monitor, upload or download whatever's there. This worm has the potential to infect anyone who uses AIM.
Face Time put out an alert describing the worm:
Description: New IM exploit launched through AIM, that:
Adds a lockx.exe rootkit that connects to an IRC server, awaiting remote commands from an attacker. Rootkits may be used by an intruder after cracking a computer system and often hide logins, processes, files, and logs. It may include software to intercept data from terminals, network connections, and the keyboard.
Acts as a vector for additional adware, worms and viruses
Changes a viewer's original search page to http://www.eza1netsearch.com/sp2.php
Often increases the CPU usage to 100 percent after the malware is installed
Downloads other applications, including 180Solutions, Zango, the Freepod Toolbar, MaxSearch, Media Gateway, and SearchMiracle
What makes instant messenger worms nasty is their resemblance to links sent by your chat buddy during a regular chat session. They look like a message from whomever you were chatting with and are generally clicked on rather innocently. Then the problems begin, as hackers can run amok in your computer and do all kinds of vicious things.
This isn't the first run-in AIM has had with worms moving through the chat client. Other chat clients like MSN have had their problems as well. People must be particularly vigilant with these links because they are so easy to click on.
About the Author:
John is a staff writer for SecurityProNews covering cyber security.