The Lazy Genius

Security News & Brain Dumps from Xavier Ashe, a Bit9 Client Partner

IM worm lures users to the dark side

Posted by Xavier Ashe on June 1, 2005

Users of AOL and Yahoo instant messaging clients have been bombarded with a phishing attack that plays on the current interest in Star Wars.

Yahoo users have received messages urging them to try out an online Star Wars game, but are directed to a phishing site which tries to steal log-in details.

AOL
users have also received a URL in instant messaging spam, with the
header 'hehe i found this funny movie'. Clicking on the link downloads
a Trojan known as Funmov.a, which allows remote control of PCs via IRC channels.

Read the full story at vnunet.com
IM has always been a big security hole, and up until recently no one
has noticed.  The IT Managers likes talking to his wife on IM, so
he is not going to get excited about turning it off, or worst yet,
installing and managing a separate corporate IM.  It is a hard
problem to solve, if you don't want to solve it.

The best protection from IM hell is to employ a deep packet scanning firewall and an intrusion prevention system.  Then your IT Manager can continue chatting away…

Advertisements

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

 
%d bloggers like this: