Ethical Hacking

Learn to find vulnerabilities before the bad guys do! Gain real world hands on hacking experience in our state of the art hacking lab. Course designed and taught by expert instructors with years of penetration testing experience. 12 student maximum in every class. Certification attempt included in every package.
Computer Forensics Training at InfoSec Institute

Gain the in-demand skills of a certified computer examiner, learn to recover trace data left behind by fraud, theft, and cybercrime perpetrators. Discover the source of computer crime and abuse at your organization so that it never happens again. All of our class sizes are guaranteed to be 12 students or less to facilitate one-on-one interaction with one of our expert instructors.




Network Security Information-Security-News
[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

[ISN] Santa Claus worm strikes IM clients

from [InfoSec News] Network Security [Permanent Link]
Subject: [ISN] Santa Claus worm strikes IM clients
Date: Thu, 22 Dec 2005 01:05:28 -0600 (CST) 
http://www.networkworld.com/news/2005/122005-santa-claus-worm.html

By Tom Krazit
IDG News Service
12/21/05

The Santa Claus worm doesn't care whether you've been naughty or nice,
but it's making a list of PCs to infect this holiday season, according
to a threat alert released by security firm IMlogic on Tuesday.

A new instant messaging worm called IM.GiftCom.All is making the
rounds this holiday season. Rated as a "medium" threat by IMlogic, the
worm attempts to get users of the instant-messaging networks run by
AOL, Yahoo and Microsoft to visit a seemingly festive Web site
featuring Santa Claus.

The message comes from someone already present on a user's "buddy
list," said Art Gilliland, vice president of products for IMlogic. It
contains a supposed link to a URL starting with
"santaclause.aol.com/....."

However, clicking on that link takes users to a different Web site and
triggers the download of a malicious file to a user's PC, Gilliland
said. That file is created using rootkit techniques, making it
extremely difficult to detect with conventional antivirus or operating
system tools, he said. Once resident on a system, the file tries to
shut down anti-virus software and collects personal information that
can be redistributed over the Internet.

IMlogic has not recorded an instance where that personal information
was actually sent out to the Internet, but the program does log
information, Gilliland said.

Users are advised to avoid clicking on anything sent through an IM
system unless they have verified that the file or picture is
legitimate and the sender intended to pass it along, Gilliland said.  
IMlogic recently identified an IM bot that produces canned assurances
that a file is legitimate when the recipient replies to check its
authenticity, so it's important to take extra care to verify the
sender's intentions, he said.



_________________________________________
Earn your Master's degree in Information Security ONLINE
www.msia.norwich.edu/csi
Study IA management practices and the latest infosec issues.
Norwich University is an NSA Center of Excellence.
[More with this subject...]




<Prev in Thread] Current Thread [Next in Thread>
  • [ISN] Santa Claus worm strikes IM clients, InfoSec News <=
Previous by Date:  [ISN] Security UPDATE -- Recipe for Disaster -- December 21, 2005, InfoSec News
Next by Date:  [ISN] Diebold Hack Hints at Wider Flaws, InfoSec News
Previous by Thread:  [ISN] Security UPDATE -- Recipe for Disaster -- December 21, 2005, InfoSec News
Next by Thread:  [ISN] Diebold Hack Hints at Wider Flaws, InfoSec News
Indexes:  [Date] [Thread] [Top] [All Lists]