IDG News Service - Software recommended last week by security group w00w00 Security Development to plug a hole in America Online Inc.'s Instant Messenger (AIM) actually opens a user's system to hacker attacks and can direct the user's Web browser to pornographic Web sites, w00w00 said yesterday.
The security group was the first to publicize the hole in AIM last week (see story), prompting Dulles, Va.-based AOL to take action and correct the problem on the server side within a few days (see story). In its initial warning, w00w00 advised users to download and install a third-party program called AIM Filter for immediate protection. But that software comes with its own security problems, a member of the w00w00 team wrote in a posting to the Bugtraq mailing list late yesterday.
"At the time, Robbie Saunders' AIM Filter seemed like a nice temporary solution. Unfortunately, it instead produces cash-paid click-throughs over time intervals and contains backdoor code," Jordan Ritter wrote. The click-throughs direct the user's Web browser to advertisements using Saunders' referral code, generating commission payments for him.
W00w00 now offers a cleaned-up version of AIM Filter without these security holes, Ritter wrote. The problems with the software, which is designed to block certain AIM functions, were discovered Jan. 5, when Saunders released the source code for his filter, Ritter said in the Bugtraq posting, apologizing for the error.
AIM Filter creator Saunders said in a statement on his Web site that AIM Filter allows him to remotely obtain a user's Internet Protocol address and AIM build number. It also allows him to shut down AIM Filter on a user's system and open five "embarrassing Web sites," the statement said. The porn Web sites pop up only when AIM Filter is launched, not at time intervals, he stated.
It's unknown how many people installed AIM Filter. One AIM user in a newsgroup asked w00w00 for more detailed instructions on how to remove AIM Filter.
A buffer overflow vulnerability existed in the shared game feature of AIM, AOL said Jan. 2. Attackers could access a user's system by exploiting the vulnerability, according to w00w00.
Related stories:
Free Insider GuideCopyright © 1994 - 2012 Computerworld Inc. All rights reserved. Reproduction in whole or in part in any form or medium without express written permission of Computerworld Inc. is prohibited. Computerworld and Computerworld.com and the respective logos are trademarks of International Data Group Inc.
