resource center
  See your link here
|
IDG News Service -
A new form of malicious instant-message bot is on the loose that talks back to the user, possibly signifying a potentially dangerous trend, an instant messaging security firm said.
IMlogic Inc. issued the warning late yesterday after citing a recent example of such a malicious bot. On Monday, the company first published details of a new threat known as IM.Myspace04.AIM. Once the computer of an America Online Inc. IM user is infected, the bot sends messages to people on the infected user's buddy list, making the messages appear to come from the infected user. The user isn't aware that the messages are being sent. If recipients click on a URL sent with a message, they will also become infected and start spreading the virus.
A bot is a program that can automatically interact with people or other programs. AOL, for example, has bots that let users ask questions via IM, such as directory queries, and the bot responds.
The unusual part of this malicious bot is that it replies to messages. If a recipient responds after the initial message, the bot replies with messages such as "lol no its not its a virus" and "lol thats cool." Because the bot mimics a live user interaction, it could increase infection rates, IMlogic said.
IMlogic continues to analyze this threat but so far it seems to only be propagating and not otherwise affecting users.
An AOL spokesman said today that the company's IT staff has not yet seen the bot appear on its network. The company said it reminds its users not to click on links inside IM messages unless the user can confirm that he knows the sender and what is being sent.
Some similar IM worms install spybots or keyloggers onto users' computers, said Sean Doherty, IMlogic's director of services in Europe, the Middle East and Africa. Such malicious programs record key strokes or other user activity in an effort to discover user passwords or other information.
"What we're seeing with some of these worms is they vary quickly, so the initial one may be a probe to see how well it infected users, and then a later variant will be one that may put a spybot out," Doherty said. The initial worm could be essentially a proof of concept coming from the malware writers, he said.
Computerworld staff writer Todd Weiss contributed to this article.
IDG.net
Share our Strength
Download Now
Lower the Cost and Complexity of a Mobile Workforce through Automation
Download This Resource Now!
Top 10 Things to Know about Data Protection
Download Now
Managing Mobility: Improve Data Security, Compliance and Manageability
Download This Resource Now!
Managing Secure File Transfer to Save Time, Money and IT Resources
Learn how companies are using innovative technology to overcome these challenges and improve user productivity by offloading e-mail attachments and replacing FTP with...
Ponemon Study: The Business Risk of a Lost Laptop
Download Now
Security Convergence Equals Network Security Cost Savings
Listen to IBM Internet Security Systems' take on network security convergence.
Airport Insecurity: The Case of Lost Laptops
Download Now
Disaster Recovery 2008: Reduced Costs and Improved Performance
How long can your Enterprise afford to be without your data? With an accelerated disaster recovery program, you never have to answer this...
Sign up to receive updates on the latest Security resources
CIO
Computerworld
CSO
DEMO
GamePro
Games.net
IDC
IDG
IDG Connect
IDG Knowledge Hub
IDG TechNetwork
IDG Ventures
IDG.net
InfoWorld
ITwhitepapers
ITworld
JavaWorld
LinuxWorld
Macworld
Network World
PC World
The Industry Standard
Copyright © 1994 - 2009 Computerworld Inc. All
rights reserved. Reproduction in whole or in part in any form or medium
without express written permission ofComputerworld Inc. is prohibited. Computerworld and Computerworld.com and the respective logos are trademarks of International Data Group Inc. |
