TechSpot

IM trojans on net ...

By jobeard
Feb 13, 2007
  1. Symantec Corp. researchers said that the "Storm Trojan," aka "Peacomm," is
    now spreading via AOL Instant Messenger (AIM), Google Talk and Yahoo Messenger.

    An alert to some Symantec customers pegged the new infection vector as
    "insidious" because the message -- such as the cryptic "LOL ;)" -- and the
    included URL can be dynamically updated by the attacker. Even worse,
    according to Alfred Huger, senior director of Symantec's security response
    team, "it injects a message and URL only into already-open windows. It's not
    just some random message that pops up, but it appears only to people [you are]
    already talking to. That makes the approach very effective."

    see the original article here

    IM USERS: CAVEAT EMPTOR! :knock:
     
  2. howard_hopkinso

    howard_hopkinso TS Rookie Posts: 24,177   +19

    Thanks for the info jobeard.

    I.M users beware.

    Regards Howard :)
     
  3. jobeard

    jobeard TS Ambassador Topic Starter Posts: 9,315   +618

    btw: I would like to see a forum dedicated to this kind of ALERTS
    with references to the original sources (for credibility).

    Yea it's truely security related, but a separate forum would assist users to
    review and find current information more readily.
     
  4. howard_hopkinso

    howard_hopkinso TS Rookie Posts: 24,177   +19

    That might not be bad idea jobeard. If you put in a request in our Site feedback and suggestions forum, I`m sure Julio will consider it and give his verdict.

    Regards Howard :)
     
  5. kitty500cat

    kitty500cat TS Evangelist Posts: 2,154   +6

    So the only way it could be installed would be by clicking a link in the IM?

    Or would any open browser windows immediately change location, to a malicious site that would use active content?
     
  6. jobeard

    jobeard TS Ambassador Topic Starter Posts: 9,315   +618

    It's not browser related (IE, FF, Opera) but the IM client on the system,
    and no, you don't have to click a thing to get infected!
    :mad: :knock: :hotbounce :evil: :dead: :blackeye: and any/all other emotions one can express in public.
     
  7. kitty500cat

    kitty500cat TS Evangelist Posts: 2,154   +6

    so when I'm talking to Rik (the only guy I have the PM address for) this thing could infect me? I know essentially nothing about IM.
     
  8. jobeard

    jobeard TS Ambassador Topic Starter Posts: 9,315   +618

    anyone on your buddy list can infect you --
    very similar to enabling file/print sharing --
    it only takes one bad apple and not even by bad intent.
     
  9. kitty500cat

    kitty500cat TS Evangelist Posts: 2,154   +6

    So I'll keep checking my HJT logs...

    thx
     
Topic Status:
Not open for further replies.

Similar Topics

Add New Comment

You need to be a member to leave a comment. Join thousands of tech enthusiasts and participate.
TechSpot Account You may also...