New worm spreads through AOL Instant Messenger

Attack comes from contacts on a user's buddy list


20 September 2006 16:27 GMT / By Amber Maitland

Computer security analyst FaceTime has found a nasty hack that uses AOL Instant Messenger to install malware on targeted computers.

The worm, called W32.pipeline, conceals itself by looking like a harmless Jpeg that a known online buddy sends with the message, “hey would it be okay if I upload this picture of you to my blog?”. If the user accepts, then it asks him or her to click on an upload link, but a command file, image18.com downloads itself.

If the user runs the file, thinking it’s an innocent JPEG, a file called csts.exe is created and installs inself in system32. The computer then becomes part of a botnet, or group of computers remotely controlled to distribute further attacks. After a number of computers have been harnessed, the hacker can launch a DoS attack or click fraud operation.

Antivirus programs have yet to catch up with the growing sophistication of instant messaging attacks, and hackers are becoming bolder. A FaceTime spokesperson commented on the particular sophistication of this attack, which focuses on lining up a chain of PCs to create a pipeline that can be controlled by the botnet.
Full tags
Software, Online, Instant messaging, AOL, Viruses And Malware

share print story pdf email story

Recommended articles

Search

Loading

Best iPad 2 apps

We detail the best iPad 2 and iPad apps in the app store Which iPad app should you download?

Windows 8

All the features and details of the new Microsoft operating system explained What's new in Windows 8?

iPad 3 rumours

What comes next? We look at the possible features, leaks, images, specs and more

Pocket-lint poll

Q. Will you be buying a PS Vita?

Vote YES Vote NO

» LAST TIME
When asked Will Samsung be making a mistake if the Galaxy S III isn't shown at Mobile World Congress in February? 51% said yes and 49% said no