AOL
First instance of a rootkit coming through IM, warns security firm
R E L A T E D   C O N T E N T
Similar articles
KnowledgeBANK
News centre
More from vnunet.com
ADVERTISEMENT

Worm turns on AOL chat service

Talk is not cheap

Ken Young, vnunet.com 31 Oct 2005
ADVERTISEMENT

Security researchers have identified a worm spreading through AOL's instant messaging client and chat rooms.

The rootkit file is being passed through instant messages from members on a user's 'buddy' list. Bundled with the previously identified W32/Sdbot-ADD worm, the lockx.exe rootkit file is installed when users click on the link within the IM window.

Although the worm is not new, this is its first appearance on AOL's AIM system. Even more concerning is that rootkits have not previously been spread via IM.

"This is the first instance of a rootkit coming through the IM vector," said Tyler Wells, senior director of engineering at FaceTime Communications.

FaceTime discovered the rootkit using honeypots monitoring IM networks, websites and chat rooms for malicious content and URLs.

The company said in a statement that the rootkit could give an attacker access to, and remote control of, the PC and could steal information or promulgate more viruses by using the PC in a 'bot' network.

W32/Sdbot-ADD seems particularly dangerous and can be passed along to users on the buddy list.

The rootkit can shut down antivirus software, alter the user's search page, push CPU usage to 100 per cent and automatically download unwanted programs such as 180Solutions, Zango, MaxSearch and others.

AOL said that it is looking into the problem.

See also:

AOL hit by IM virus
Company still a top target  28 Oct 2005
Phishing
AOL unscathed after phishing attack
Servers safe after phishers blocked  28 Sep 2005
AOL branded most infected network
ISP accused of hosting more zombie PCs than any other network  15 Jun 2005

All Hacking

Like this story? Spread the news by clicking below:

Post this to Delicious del.icio.us    Post this to Digg Digg this    Post this to reddit reddit!

Permalink for this story

M A R K E T P L A C E
Sponsored links
F E A T U R E D   J O B S
Software Test Engineer
| JAM Recruitment
Software Test Engineer 6 Weeks Contract £ 35 per hour Wiltshire We have an urgent need for a Software Test Engineer. Main Duties: ·Sound understanding of full software lifecycle ·Solid experience in requirements analysis ·Requirements ... more >
Software Test Engineer
| JAM Recruitment
Software Test Engineer 3 Months Contract £35 per hour Wiltshire We have an urgent need for a Software Test Engineer. Main Duties: ·Sound understanding of full software lifecycle ·Solid experience in requirements analysis ·Requirements based ... more >
Business Analyst
| Aston Carter
Major Investment Bank requires a Business Analyst to work within reference data IT. The reference data IT function is responsible for the three internal systems. One of the systems is a strategic repository for Client ... more >
Occupational Health Opportunities
| JAM Recruitment
Job Ref: CY - 27021979 Package: £25 – 42,000 +Bens Location: YORKSHIRE Job type: Occupational Health Position type: Permanent Hours: Full time Contact name: Mr Colin Youle Contact Company: JAM HUMAN RESOURCES Are you a ... more >
More job opportunities
Accountancy Age
Active Home
Best Practice
Computeractive
Computing
Computing Business
CRN
Financial Director
Infomatics
Information World Review
IT Week
Management Consultancy
Network IT Week
Personal Computer World
PC Magazine
VNU Web seminars
vnunet.com
Webactive
What PC?
Useful links: About vnu network | Privacy policy | Terms & conditions
Access keys | Top of page | Feedback
VNU Business Publications
© 1995-2008 All rights reserved
VNU Business Publications Ltd., 32-34 Broadwick Street, London, W1A 2HG, is a company registered in England and Wales with company number 01513633
part of part of vnu.net europe