New worm using AIM to spread

By Justin Mann on September 18, 2006, 6:40 PM
AIM users beware, a new worm has been unleashed that is making its rounds, trying to trick AIM users into clicking a link. Of course, the relatively benign looking message will end up infecting your machine (in some circumstances), turning your machine into a bot, which in turn will spread the worm further. Not just for the purpose of infecting multiple machines, advertising is playing a role in the development and strategy of this new baddie:

Repeated calls are made to a domain (freewebsites.com) that offers "free webhosting" in return for them placing what they call a small advert on your website. You can read more about this "small advert" here - I'd write more about it, but it's not relevant to this story so I'm keeping it separate. As you'll see a little later on, the reason this particular domain is constantly lighting up on the radar is due to the Botnet activity involved in this particular infection.
Tsk tsk. In some instances, your machine will become a part of a larger botnet, and could be used to download files onto and upload them to new PCs as well. Since it relies on just a link and a web exploit, potentially any IM client could be the vessel, so be careful. No word on what AV suites will currently prevent or cure this, but I'm sure we'll hear from them soon.




User Comments: 1

Got something to say? Post a comment
TimeParadoX said:
So this only runs on AIM? I run only MSN and dont want to accedently click a link on MSN that does the same thing.
Load all comments...

Add New Comment

TechSpot Members
Login or sign up for free,
it takes about 30 seconds.
You may also...
Get complete access to the TechSpot community. Join thousands of technology enthusiasts that contribute and share knowledge in our forum. Get a private inbox, upload your own photo gallery and more.