Bingalau 10:24 14 Feb 07

Just got this from the American site "World Start"

February Security Advisory

The Storm Worm is back and this time, it’s an all out war. A couple of weeks back, I wrote an article describing some new Trojans that carried a subject line regarding a huge storm battering the shores of Europe. The Worm was unique in a few ways that made it extremely difficult, if not impossible, to track down or shut down.

The new Storm Worm or Peacomm, as it is called, is a different animal, as far as the avenue of attack. But, other than that, it's business as usual. Instead of catchy, hard to ignore e-mails, the new attack takes advantage of some of the more popular instant messengers out there. Google Talk, AIM and the Yahoo! Messenger are being targeted, in particular. This evolution of the Storm Worm is very subtle in its attempts to capture unsuspecting systems. Now, it doesn’t broadcast its content via spam, but instead, it injects a message along with a URL into another already open chat window. It inserts something like a message with a smileycon and a URL. This could then intrigue and ensnare any curious individual or someone who may be engaged in a text message and might not think twice about interacting with it.

As with its predecessor, the thing that really makes this virus stand out is the way in which it handles its prey. An infected machine will become a zombie in a botnet where the successful attacker can then do what they want with your machine. The botnet is built using the P2P technology, which has no central server. It’s like the PCs that are infected are part of the botnet and they all act collectively as one. If one unit is taken out, the network simply cuts its losses and carries on with the mission. This lack of static central control also creates huge obstacles for forces attempting to stop these types of attacks.

If you are someone who likes to use their instant messenger, then I would take some extra precautions until this threat is under control. For instance, most antivirus solutions today have settings that pertain directly to instant messengers. Familiarize yourself with this component and how it works. I would also highly suggest not linking out to any URLs that come from your instant messenger, especially if they seem to come out of nowhere. If you do need/want to open a link from your instant messenger, make sure the other person you're talking to did actually send the attachment.


  p;3 14:25 14 Feb 07

sounds just like a guest I might give house room to.......NOT::))
oddly enough I can recall a conversation at work about this critter today

This thread is now locked and can not be replied to.

Sniper Elite 4 review: Headshotting Nazis has never felt so good

1995-2015: How technology has changed the world in 20 years

The Best Design, Illustration, Animation and VFX Awards of 2017

WWDC 2017 dates: How to get WWDC 2017 tickets, when is WWDC 2017 and more details announced