Mobility Site Minute

Mobilitysite Contests

Mobility Site Videos

Mobilitysite Polls

Mobilitysite Reviews

Home » Off topic

Be careful if you use AIM

Posted by Jack Cook on September 20, 2006 – 8:26 am  Share
closeThis post was published 3 years 2 months 3 days ago.
It\'s is possible that the information within this article is now out of date or updated.

There is a highly sophisticated worm spreading via AOL Instant Messenger that researchers are saying is extremely difficult to put down.

Called the W32.pipeline, it appears to have been sent via a buddy. A message appears saying: “Hey, would it be okay if I upload this picture of you to my blog?” Clicking on the link starts an executable file appears as if a JPEG file is downloading…but it is not.

From FaceTime:

Once the user’s PC is infected, it becomes part of a botnet and is under complete control of the hacker to use for a variety of purposes that could include relaying SPAM, performing distributed denial-of-service (DDoS) attacks on other computers or committing financial fraud against online advertisers – commonly called click-fraud. In addition, the potential is high for loss of sensitive personal data stored on the user’s PC.

Like many IM worms, W32.pipeline first appears as an instant message from a familiar contact, luring users into clicking on a link with a contextual phrase. The IM message “hey would it okay if i upload this picture of you to my blog?” downloads a command file called image18.com, which is disguised as a JPEG. Running the file results in csts.exe being created in the user’s system32 folder, part of the Windows operating system.

Post to Twitter Post to Yahoo Buzz Post to Delicious Post to Digg Post to Facebook Post to Ping.fm Post to StumbleUpon

Jack Cook (2693 Posts) - Website | Twitter | Facebook





You can also participate in other conversation in our active forums with 200,000 other Members. It only takes 2 minutes to sign up one time for free in the forums.

blog comments powered by Disqus