Subscribe: Subscribe to BigBlueBallRSSSubscribe to BigBlueBall by emailEmailSubscribe to BigBlueBallTwitter


Go Back   BigBlueBall Forums > Site News & Announcements > Instant Messaging News > AIM News
Reload this Page Image Virus Spreads Via AIM
Forgot Password? Register
Connect with Facebook
Register FAQ Members List Social Groups Search Today's Posts Mark Forums Read

Reply
 
LinkBack Topic Tools
  #1 (permalink)  
Old 09-30-2004, 12:00 AM
Junior Member
  

Join Date: Mar 2001
Posts: 8
BigBlueBall News is on a distinguished road (10)
Image Virus Spreads Via AIM
Dan Ilet, ZDnet UK
September 30, 2004

A virus that exploits the recently discovered JPEG vulnerability has been discovered spreading over America Online’s instant-messaging program.

Experts at the SysAdmin Audit Network Security, or SANS, Institute said the virus is still in its infancy, with the institute having received only two reports of infection so far.

"It’s been done in the past, but with HTML code instead of the JPEG," said Johannes Ullrich, chief technical officer for SANS’ Internet Storm Center, the organization’s online-security research unit. "It is a virus, but it didn’t spread very far. We’ve only had two reports of it."

According to the Internet Storm Center, the victims received AOL Instant Messenger messages that directed them to Web sites that hosted the dangerous JPEG images.

The instant messages read: "Check out my profile, click GET INFO!" When visited, the Web site automatically sends malicious code embedded in the JPEG image to the computer, Ullrich said. Once infected with the code, the computer sends the same message to other contacts in the instant-messenger list.

The code also installs a back door that can give hackers remote control over the infected computer. Antivirus expert Mikko Hypponen of F-Secure warned on Wednesday that the JPEG exploit can also dodge antivirus technology. By default, antivirus software only scans for .exe files. And even if users change the settings on antivirus software, the JPEG file name extensions can be manipulated to avoid detection.

"We haven’t seen any damage reports of this worm," Hypponen added on Thursday. "I’ve seen some discussion, but our best estimate is that it hasn’t got very far."

Microsoft issued a patch for the vulnerability on Sept. 14 but was unavailable to comment on the virus.

Next week, Microsoft is launching a beta version of its instant-messaging product, MSN Messenger. The product will not be available to the public until it has been tested by a small group of users, the company said.

Source
Last edited by Jeff; 01-26-2005 at 08:54 PM.
Reply With Quote
 

 
Reply

« Previous Topic | Next Topic »

Currently Active Users Viewing This Topic: 1 (0 members and 1 guests)
 
Topic Tools


Similar Topics
Topic Topic Starter Forum Replies Last Post
Latest & most useful AIM programs Someguy03 AIM Support 15 10-05-2008 02:15 PM
AIM clients - How to put the lockdown on security! WhiteMateria AIM Support 14 08-02-2008 05:05 PM
AIM Virus bronxy AIM Support 1 03-07-2005 07:41 PM
Akonix Protects Against Latest AIM Virus Jeff AIM News 0 02-11-2005 08:01 PM
Is this Virus REAL? Jdbgmgr.exe? beckytjc The BigBlueBall Lounge 4 10-31-2003 04:05 AM

 

All times are GMT -5. The time now is 08:26 PM.