New Worm Chats with Users on AIM 577
goldseries writes "CNet is reporting that a new
IM worm chats with users to get them to down load a file containing a virus. The virus replicates its self and sends its self out to user's buddy lists. The virus will reply 'lol no this is not a virus.' The virus hides users from seeing the messages sent out to members of their buddy list. Viruses are evolving; now they will even talk to you."
The next generation (Score:5, Insightful)
I really do have some of our local users using vmplayer virtual machines to access the internet (the ones with Windows laptops) - and a lot of services shut down (chat, in particular) that some would like to use.
Those who know more than I (most of you) - any comments?
er... (Score:2, Insightful)
Wow! (Score:2, Insightful)
The newest front (Score:5, Insightful)
My friends, we are fighting a war: a war on stupidity.
And clearly, we are losing.
People are lazy these days... (Score:3, Insightful)
Why does all respect for grammar and spelling (and not sounding like a 12 year old) go out the window when instant messaging technology is involed (especially in a business setting)?
These lusers don't know and they don't care (Score:3, Insightful)
Re:Eliza Virus? (Score:5, Insightful)
The frightening thing is, that would probably be pretty easy to code. The net is full of freely-available pornographic stories; extract a whole bunch of phrases from those, use an Eliza-like system to select the right one for the circumstances and incorporate elements of what the user just said into your response...
You could write up a pretty effective cybersex bot, and you could program it to offer to send across 'cam pix' once in a while. Which would, of course, be virus-ridden.
Better yet, once you've written it you could have it communicate with sad lusers via SMS at, oh, 20p per message. And make a killing. Excuse me, I have an Eliza-bot to hack up with some pornography. bbl, d00dz.
Re:The newest front (Score:4, Insightful)
It's sort of like natural selection for computer users, except somebody else keeps coming in and fixing their computers...
Re:lol no this is not a virus (Score:5, Insightful)
How about fixing windows so that it uses execute bit in the filesystem, rather then the extension of the file to decide whether to execute something or not?
Re:lol no this is not a virus (Score:1, Insightful)
Re:People are lazy these days... (Score:3, Insightful)
What rot. If you're using IM for business purposes, you'd better be spending more time thinking about what to say than you spend saying it. Legally, you're putting this stuff in writing. They could log what you say over IM and use it against you later.
Assuming you are spending more time thinking about what to say than actually doing the mechanical work of typing it, then the benefit in terms of time between 'u' and 'you' becomes trivial, while the benefit in terms of your professional image between 'you' and 'u' is just as significant.
Re:The newest front (Score:5, Insightful)
Re:lol no this is not a virus (Score:4, Insightful)
No. just deny them use of computers until after rehabilitation. Now those who get broadband access AND STILL BUY AOL because it's the Internet, those are the ones to use your tactics on.
Re:lol no this is not a virus (Score:2, Insightful)
And that's all we need. Another 144 Million Zombie Bot-net.
Yeah, it'll sort itself out...when we get our "Interneational Reformat, FDISK-MBR, and Re-Install Day"
Re:lol no this is not a virus (Score:5, Insightful)
Re:lol no this is not a virus (Score:5, Insightful)
On 2000,XP and 2003 DOS apps settings are now held in two places, the registry and inside the
However, PIFs are still supported execution-wise in the OS to maintain backwards compatiblity - something that *shuold* have been eradicated/managed-out with XPs SP2 and all it's 'security' updates - something along the lines of:
'You've have tried to run the file CelineDionNaked.jpg.pif, this may not be a legitimate application. Choose Run to run the file, Delete to delete the file, and Update to convert to a Windows XP icon.'
-Jar.
The dawn of AI/Better Turing Test. (Score:3, Insightful)
Re:lol no this is not a virus (Score:4, Insightful)
Not terribly new (Score:2, Insightful)
Re:lol no this is not a virus (Score:3, Insightful)
For many people, that sentence would mean nothing other than "hit run to proceed".
Re:lol no this is not a virus (Score:3, Insightful)
Anyone that would even be remotely interested in clicking on a file that was labeled CelineDionNaked.* has more immediate and serious issues than their pWn3d w1nbl03s box.
Re:lol no this is not a virus (Score:2, Insightful)
Re:lol no this is not a virus (Score:3, Insightful)
(we'll ignore the WTF of unhiding something by unticking it)
Re:Turing tests (Score:5, Insightful)
Re:lol no this is not a virus (Score:4, Insightful)
Seriously, the problem is user education. People believe ANYTHING that appears on their computer screens, much in the same way people believe ANYTHING that appears on the TV news.
The problem we have is that too many people lack the critical thinking skills necessary to operate a computer (or watch the TV news).
Re:The newest front (Score:2, Insightful)
I'm convinced that with a less embracing justice system, these would not exist. If people know they can sue over some hot coffee, and know it has been done in the past, they'll drink everything without "CAUTION: HOT" without a hesitation.
Why should you think for yourself when you do not have to?
AIMFix removes these (Score:3, Insightful)
It is so incredibly weird seeing these stories in the media. I've been so deep into researching them and writing updates to AIMFix to keep abreast of everything that it comes as a total surprise to see a media outlet cover them. I've gotten countless emails from people who got hit by these two worms, and I've become quite familiar with the symptoms over the past few days, yet at the same time I'm uniquely ignorant of the rest of the story (the AI aspect, etc) because I only end up dealing with the nitty gritty that happens on the symptoms and removal level. Go figure.
-Jay
Re:This is old school (Score:3, Insightful)
They could probably even set up filters to prevent blacklisted urls from even being transmitted. Hell, with AOL's money and power it's highly likely they could get most of the virus sites shut down much faster than you or I can.
But if there's one thing I've learned in the years I've been fighting the IM virus battle, it's that AOL doesn't do a damn thing until it's so huge that they *have* to do something, or the media gets involved enough to make it an issue. I deal with this crap every single day. I create definitions for new virus variants for my AIMFix software, answer hundreds of emails from (usually virus infected) users, and analyze various bits and pieces of the malware themselves. Hell, I've even tracked the authors down to their home address & phone in a couple of cases. It's not like AOL couldn't take care of all of this if they really wanted to. Hell, they could even just pay me to do it full time - I work cheap
It's often frustrating to me that a relatively minor investment on the part of AOL (and other parties, I might add) could make my life a lot less busy and make the life of a virus writer that much more difficult. It's hard to see dozens of people email me in one weekend because they had their passwords stolen and their account hijacked, or hear from thousands of frustrated and upset people whose computer is suddenly a mess of spyware and ads. I can't even imagine what it'd be like to have your screen name sending out IMs to all of your friends, infecting them with the very same unpleasantness while you sit there helpless. Sure, much of that can be attributed to the end user, but AOL sits in a position to help save a lot of these people from themselves and they just aren't interested.
-Jay