Please create an account to participate in the Slashdot moderation system

 


Forgot your password?
Close
typodupeerror
×
Security The Internet

Santa IM Worm Hits AOL, MSN and Yahoo 149

Posted by samzenpus from the bad-santa dept.
elmtree95 writes "CNET News reports A Santa Claus worm is attempting to trick America Online, Microsoft MSN and Yahoo instant-messaging users into clicking on a file that delivers unwanted software to a victim's computer. The IM.GiftCom.All worm attempts to dupe IM users into thinking an acquaintance has sent them a link to a harmless Santa Claus file. IM security vendor ELMTree Software has released a patch to their ChatPatrol (www.chatpatrol.com) product to address this issue."
This discussion has been archived. No new comments can be posted.

Santa IM Worm Hits AOL, MSN and Yahoo More

Santa IM Worm Hits AOL, MSN and Yahoo

Comments Filter:

  • Re:How does it work? (Score:3, Informative)

    by setirw ( 854029 ) on Thursday December 22, 2005 @01:14AM (#14315127) Homepage
    Not necessarily. It could be linked to an EXE or PIF, which a naïve user would open. If the target ignores all browsers' warnings about harmful EXEs, in combination with Windows's hiding of file extensions... (somefile).jpg .exe is something I've seen many times. By the way: Does IE prompt that PIF/BAT files are potentially dangerous when downloading? How about VB scripts?

  • Re:User's fault again (Score:2, Informative)

    by mattmacf ( 901678 ) <mattmacf@optGIRA ... minus herbivore> on Thursday December 22, 2005 @01:17AM (#14315138) Homepage
    taking the warnings off doesnt help when a worm installed across several thousand idiots starts DOSsing a site im trying to get to. licking a 110v wire shouldnt knock my power out.

    regardless, it looks like just another silly aim worm (albeit with a festive holiday flair).

  • Re:How does it work? (Score:2, Informative)

    by thesnarky1 ( 846799 ) on Thursday December 22, 2005 @01:48AM (#14315250) Homepage
    If you remember the other big IM worm a few weeks (months?) ago, browser didn't matter. Just user stupidity. So, as I said then, tell your friends and family to NOT CLICK LINKS! Unless of course, whomever im'ed them can repeat a phrase, such as "I AM a bot, you stupid fool!!!" Security at its finest.

  • Re:ChatPatrol (Score:4, Informative)

    by Anonymous Coward on Thursday December 22, 2005 @02:36AM (#14315403)
    It's not even a ripoff of Gaim, it's just a lousy non-free, non-Free, Windows-only plugin for the commercial IM clients, being hawked using an account which is employed for that purpose only. elmtree95's one and only /. post [slashdot.org].

    Does it install a clue for users silly enough to download and run executables being pushed by anonymous strangers?

    "IM security vendor." How pathetic.

    Editors, please don't put spam stories like this on the site. That's all it is.

  • Re:How much does a story like this cost? (Score:4, Informative)

    by detlev409 ( 673380 ) on Thursday December 22, 2005 @03:37AM (#14315547)
    Agreed. I call shenanigans. Check out Elmtree's profile [slashdot.org]. This account was created with the express purpose of promoting the ChatPatrol product.

    This is nothing more than an underhanded marketing attempt, piggybacking on a genuine virus alert. OOoo...the shadiness...

  • Re:WTF? (Score:3, Informative)

    by MntlChaos ( 602380 ) on Thursday December 22, 2005 @04:07AM (#14315647)
    except they're not random people. You'd think they were your friends.

  • Re:How does it work? (Score:3, Informative)

    by Anonymous Coward on Thursday December 22, 2005 @05:43AM (#14315985)
    It's a '.com' (like command.com) file being distributed. User clicks accept to start the file transfer. On completion, the IM client turns the filename into a clickable link which, if clicked, starts the malicious component.

Slashdot Top Deals

Intel CPUs are not defective, they just act that way. -- Henry Spencer

Close