New AIM threat from 'talking' worm
By Steve Malone
Posted on 8 Dec 2005 at 10:44
A new threat has emerged for user of AOL Instant Messenger - a virus that 'talks' to the victim. The new talking virus tries to convince the target user that it is not malicious and encourages them to visit a site that, of course, contains the malicious code.
The worm, known as IM.Myspace04.AIM broadcasts to other users from an infected machine. It does not intend to hold intelligent conversations over the AIM service but merely puts up random responses to messages. These include posts such as `lol no its not its a virus' and 'lol thats cool' and in many ways acts just like a typical AIM user. However, it will also point to a .pif file on the myphotos.cc domain.
The carrier file known as 'clarissa17.pif,' will then install a backdoor, as well as changing system files. More insidiously, it will also attempt to disable any anti-virus software that is running on the machine. After performing the changes to the system, it will then attempt to replicate itself to contacts on the victim's buddy list.
The company which has issued the alert, IMLogic, also warns that the worm cloaks the messages it sends from the user's IM client who may therefore have no clue that their machine is infected.
Currently, the worm is not particularly widespread although any novel malware is likely to attract copycat attackers. As ever the advice is to keep anti-virus protection fully up to date and do not visit suspect pages or open files. Users should be on their guard against spontaneous chats from people on their buddy list who are suddenly speaking in a peculiar manner. AIM users should be particularly wary of messages leading to pages containing .pif files, even if they are holding you in a fascinating IM conversation.
- Hands on with the new Google Maps
- Nokia Lumia 925 review: first look
- Why I won't subscribe to Creative Cloud
- GoPro camera strapped to a remote-control helicopter: the ultimate boy's toy
- Acer Iconia A1 review: first look
- Acer Aspire P3 review: first look
- Acer Aspire R7 review: first look
- How we produce the PC Pro podcast
- Google Now draining iPhone battery
- The government website that doesn't work with IE, Chrome, Firefox, Safari, Macs or smartphones
- Yes, I write down my passwords
- How to deal with a ransomware attack
- How secure is your Wi-Fi network?
- How QR codes caught out the security pros
- Why I do not trust Do Not Track... yet
- The hard disks you can "secure" with a single-digit password
- Why I've started using a password manager
- Time to kill off CAPTCHA
- Are today's young people Generation I (for insecure)?
- Ransomware that's better made than antivirus software