AIM attack?
From: Russ (Russ.Cooper_at_RC.ON.CA)
Date: 02/11/04
- Previous message: Marc Maiffret: "EEYE: Microsoft ASN.1 Library Bit String Heap Corruption"
- Next in thread: roberta bragg: "A Chance to Provide an Opinion"
- Reply: roberta bragg: "A Chance to Provide an Opinion"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Date: Wed, 11 Feb 2004 15:24:14 -0500 To: NTBUGTRAQ@LISTSERV.NTBUGTRAQ.COM
A number of people have posted asking about something strange their
seeing in AIM.
NAI have it documented here;
http://vil.nai.com/vil/content/v_101007.htm
A chat popup occurs which includes a link and the phrase "check out this
link". It purports to display something about the capture of Osama.
Others are very polite about what they're calling it, I call it Adware.
You have to accept the terms of the installer in order for it to run,
but in those terms you agree to allow them to send the link to all of
your contacts in AIM. It will also send more spam repeatedly to those
contacts.
NAI have documented the details of where its found.
Cheers,
Russ - NTBugtraq Editor
-----
NTBugtraq Editor's Note:
Most viruses these days use spoofed email addresses. As such, using an Anti-Virus product which automatically notifies the perceived sender of a message it believes is infected may well cause more harm than good. Someone who did not actually send you a virus may receive the notification and scramble their support staff to find an infection which never existed in the first place. Suggest such notifications be disabled by whomever is responsible for your AV, or at least that the idea is considered.
-----
- Previous message: Marc Maiffret: "EEYE: Microsoft ASN.1 Library Bit String Heap Corruption"
- Next in thread: roberta bragg: "A Chance to Provide an Opinion"
- Reply: roberta bragg: "A Chance to Provide an Opinion"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
