Instant Messaging Vulnerable To New Smiley Attacks

Instant Messaging Vulnerable To New Smiley Attacks 170

Posted by timothy on Wednesday April 01, 2009 @04:11PM from the clever-really dept.

titus writes "Security researchers Yoann Guillot and Julien Tinnes have found a way to encode malicious code into smileys and provided a proof of concept encoder to automate the process. The researchers said their discovery paves the way for IM malware that would be impossible to detect since the malicious code would be 'indistinguishable from genuine chat messages.' I've tested the proof of concept code which works very well. Time to panic?"

Instant Messaging Vulnerable To New Smiley Attacks

This discussion has been archived. No new comments can be posted.

Search 170 Comments Log In/Create an Account

Comments Filter:

:) and :-) (Score:2, Interesting)

by superpaladin ( 1521599 ) writes: on Wednesday April 01, 2009 @04:13PM (#27423203)

which is safer?

So? (Score:3, Interesting)

by CopaceticOpus ( 965603 ) writes: on Wednesday April 01, 2009 @04:36PM (#27423493)

That's nothing, I can insert malicious code into the space between [wikipedia.org] those smileys.

Did anyone actually run the code? (Score:3, Interesting)

by fader ( 107759 ) writes: <fader@@@hotpop...com> on Wednesday April 01, 2009 @04:56PM (#27423711) Homepage

I'm paranoid, as my idea of a good AFJ would be publishing genuinely malicious code as joke malicious code.

There may be more comments in this discussion. Without JavaScript enabled, you might want to turn on Classic Discussion System in your preferences instead.

Instant Messaging Vulnerable To New Smiley Attacks 170

Instant Messaging Vulnerable To New Smiley Attacks More Login

Instant Messaging Vulnerable To New Smiley Attacks

:) and :-) (Score:2, Interesting)

So? (Score:3, Interesting)

Did anyone actually run the code? (Score:3, Interesting)

Related Links Top of the: day, week, month.

Slashdot Top Deals

Slashdot