Websense ALERT: AOL IM Worm propagating

Home » Windows & System Security » Security News and Software Updates &... » Websense ALERT: AOL IM Worm propagating

Rate Topic

Display Mode

Topic Options

Author

Message

quietman7

Posted 5/3/2005 1:05 PM

Forum Moderator

Group: Moderators
Last Login: 8/8/2008 6:28 AM
Posts: 2,748, Visits: 7,025

Websense® Security Labs™ has received several reports of a new IM Worm spreading on the AOL Instant Messenger network. Users receive a message requesting that they visit one of two websites. Both sites are hosted on the same domain in New Jersey and appear to have been taken down as of this morning. The URLs ended in "pictures.php" and "pictures.com".

Upon clicking on the URL, several pieces of malicious code are downloaded and installed on the local machine. These include:

* An unidentified Trojan Horse downloader which connects to seven separate websites to download other proxies, downloaders, and backdoors

* A Trojan Horse Backdoor (Backdoor.Win32.Agent.jn / Troj/Oscabot..a)

* A Spyware Toolbar ( Trojan-Downloader.Win32.IstBar)

__________________________________________

"THE BAD GUYS DON'T NEED A SEARCH WARRANT. ARE YOU PROTECTED?"

Microsoft MVP - Windows Security

Post #160526

« Prev Topic | Next Topic »

Reading This Topic

All times are GMT -6:00, Time now is 4:57pm