

Posted 09-24-2001, 12:00 AM by BigBlueBall News
This Hack's Sights Set on AIM

Wired News

September 24, 2001


Users of America Online's popular Instant Messenger Service may actually be communicating with malicious hackers.



Hackers say it's easy to take over AIM accounts and pose as the user whose account has been commandeered, using several hacking programs that are in wide circulation on the Internet.



America Online's Instant Messenger program allows users to send instant text messages and transfer files to each other. Most AIM users create a "buddy list," a personal directory of their friends and family who use the service. Hackers who take over an account have full access to that account's buddy list.



Accounts that have been taken over can then be used to distribute viruses by sending infested files from a "buddy."



Hackers who are familiar with the program said that hundreds of AIM accounts have been "stolen," and claim that America Online (AOL) is aware of the problem, but has not fixed the programming error that allows the attack.



Instead, they charge AOL has focused most of its attention on pushing to have the websites that house the hacking program taken offline, relying on temporary and ineffectual fixes to plug the security hole.



AOL spokesman Nicholas Graham responded to a request for comment on whether AOL was aware of and had any plans to permanently fix the hole with a statement that read: "AIM 4.7 is the most secure version we have provided to the over 100 million worldwide users of the AIM product. We constantly make upgrades and improvements to the AIM product. We are aware of the issue, and we continue to assess this report."



There are several applications that allow malicious hackers to hijack AIM accounts. Two of the best known are "AOLThief" and "AimThief."



The applications allow users to create fake accounts using the screen name of an existing AIM account. The accounts are then used to access AOL's account management system, which allows the hacker to change the real account holder's AIM password.



Once the password has been changed, the real account owner is locked out of the account, but the account is still active.



Tests conducted with the permission of several AIM users proved that the programs work.



AOLThief and AimThief use the new account sign-up certificates that AOL uses in its advertising and promotions, and stolen credit card numbers to create fake accounts. The certificate and a credit card number are included in some versions of the hacking application; other versions require users to supply the numbers themselves.



Requests for comment on what AIM users should do to protect themselves against this exploit went unanswered by AOL.



Hackers suggest that AIM users change their screen names to include more than 10 characters, since only instant messenger accounts with user screen names containing 10 characters or less are vulnerable to this hack.



The first AIM hacking program is credited to a hacker known as "Hypah," who created a PC version of AOLThief that no longer works. But other hackers continue to update the application.



A hacker known as "Mancow" recently released an altered and very capable version for the Macintosh hacker community, according to Nicholas Raba from SecureMac, a Macintosh security site.



Mancow said Hypah had included some "protection" features in the original program that allowed Hypah to access details of all AIMThief user activities, along with details about the users' own Internet accounts.

"I'm a hacker, I'll say that point blank. But I do not like any kind of program that spies on me," Mancow said. "Therefore I performed some disassembling of the program, carefully analyzed the packets it sends out with a packet-sniffer, and altered the program to block the protection schemes."



Mancow said he then released the most recent version of the program to a "syndicate of AOL enthusiasts" several months ago and later publicly made the program available on two websites.



America Online representatives then e-mailed the owners of those websites and their Internet access providers in an attempt to have the product pulled off the websites, threatening legal action if they did not comply, Mancow said.




http://www.wired.com/news/technology/0,1282,47072,00.html

