AIM Bots

On November 16, AOL added a “AIM Bots” group to AIM users buddy list. This group contained buddies Moviephone and ShoppingBuddy. A popup indicated that the bots had been added, but it was not clear who really added the new buddies or why. Apparently AIM was seeking to promote knowledge about the bots, which are …

Continue reading ‘AIM Bots’ »

IM virus

I had some users passing around an IM virus today. I’m still trying to get a handle on what virus it was to make cleaning it easier. The users sent “YAY!! http;//home.earthlink.net/~lzingelmann/IMG0099.com” to each other. I downloaded img0099.com and submitted it to Symantec (haven’t heard back yet) as well as virus total. Virustotal.com saw a …

Continue reading ‘IM virus’ »

W32.Velkbot.a – IM Virus

W32.Velkbot.a when executed sends a message to all MSN Messenger, Yahoo Messenger, and AIM contacts on the compromised computer. The message is as follows: “rofl http://albound.com/pictures.php /r[email_address]” The recipient must click on the link and download/execute the file to become infected. Once infected you’ll have %system%\winmsg.exe along with the usual run registry keys. Additional bits …

Continue reading ‘W32.Velkbot.a – IM Virus’ »

IM Security Challenge

Instant Messaging presents the same vulnerabilities as email, yet it is not protected in nearly the same manner. Corporations have dumped money on preventing email viruses but every other port is left untamed. Potential Problems: 1. Application attacks. Such attacks are possible if IM client software is not kept up to date. Generally speaking companies …

Continue reading ‘IM Security Challenge’ »

AOL’s Security Ads, Another View

I recently posted about my love for the new series of AOL ads. They highlight the fact that users don’t set out to have security disasters and lose their term papers and family photos to a virus. They don’t set out have their online experience be horrible because of porno spam and spyware. They just …

Continue reading ‘AOL’s Security Ads, Another View’ »

aimBot

Saw this posted over on NTBugtraq. Sharp-ideas.net has an example program that uses AIM to run programs and send the result back to the requester. Basically a wrapper interacts with the person sending the message and it runs a basic set of commands. The example uses nmap, but a fleet of hacking/reconnaissance tools could potentially …

Continue reading ‘aimBot’ »