New Worm Chats with Users on AIM

goldseries writes "CNet is reporting that a new IM worm chats with users to get them to down load a file containing a virus. The virus replicates its self and sends its self out to user's buddy lists. The virus will reply 'lol no this is not a virus.' The virus hides users from seeing the messages sent out to members of their buddy list. Viruses are evolving; now they will even talk to you."

lol no this is not a virus

[pizza_milkshake]

my God, this one will be unstoppable.

Re:lol no this is not a virus

[b4k3d b34nz]

FTA: "A new worm that targets users of America Online's AOL Instant Messenger..."

What did anyone expect?

Re:lol no this is not a virus

[$RANDOMLUSER]

My favorite book title is "AOL for Dummies" [amazon.com].

Well ya. What's your point?

Re:lol no this is not a virus

[gg3po]

My favorite book title is "AOL for Dummies".

ME TOO!!!

Re:lol no this is not a virus

[meringuoid]

my God, this one will be unstoppable.

Don't you just hate it when Insightful gets modded Funny?

I can picture it now. All these lusers whining about their toasted computers... 'But my buddy sent it to me! No, I know about viruses, so I asked if it was for real, and he said it wasn't a virus! It sounded just like him!'

How the hell is this going to be stopped? It's easy to beat the AOL Turing test, because these people use such a warped and simplified form of English that leaves out most of the quirks that give away the lack of any intelligence behind the text. Either we educate AOLusers - in English rather than in computer science - so that they use more complex language that machines can't readily mimic, or we shut down file transfers over IM.

Re:lol no this is not a virus

[Lindril]

How the hell is this going to be stopped?

It's been suggested many times, but it may now be required... euthanizing AOL users.

Re:lol no this is not a virus

[SomeoneGotMyNick]

euthanizing AOL users

No. just deny them use of computers until after rehabilitation. Now those who get broadband access AND STILL BUY AOL because it's the Internet, those are the ones to use your tactics on.

Re:lol no this is not a virus

[The Amazing Fish Boy]

Also: if we used proper grammar and spelling, I think it would be easier to filter spam. I'm not involved with the spam problem so much, but it seems to me "words" like v14gr4 would cause problems. Meanwhile if we could detect "v14gr4" isn't a word in our dictionary, we might be able to flag the email as potential spam. Then if you were working on something where the project's code name was "v14gr4" or something, the word would appear underlined, you would click it and click "Add word to dictionary." I don't know if that's even the best way, but I think if everyone used proper spelling and grammer, computer comprehension (and filtering) would be able to improve. I might be wrong.

Re:lol no this is not a virus

[volsung]

I've seen more than one person suggest a filter which would junk messages which contain more than X% (say 2-5%) misspellings. This would not only eliminate all that foreign spam which you can't read anyway, but a great many "English" spams which contain all sorts of garbage to fool keyword filters. Of course, spammers will compensate by padding emails with 98% Shakespeare, so that advantage won't last long.

As a fringe benefit it will also filter out anyone who can't be bothered to spell most of their email correctly, which might be handy for those who receive crazy rants due to their online postings. :)

get free sheikh speare!

[RedLaggedTeut]

Of course, spammers will compensate by padding emails with 98% Shakespeare

Well, at least you would have an interesting read in you inbox everyday; maybe one could develop some sort of persistant distributed storage scheme involving spam :-)

Re:lol no this is not a virus

[Wes Janson]

That would truly be a PKD moment, when average Joe is being bombarded by advertising messages that also contain large portions of Hamlet and Romeo & Juliet attached at the bottom. Surreal.

Re:lol no this is not a virus

[troon]

if everyone used proper spelling and grammer, computer comprehension (and filtering) would be able to improve.

QED. It may interest you to know how many ways there are to spell Viagra [cockeyed.com]...

Re:This is old school

[plover]

That said, people still have AV. There's still stinger. AOL might even be able to release an update that blocks where it's hooking into the main AIM program (which would, of course, be very stop gap)

I don't understand why AOL doesn't simply apply anti-bot filters when this crap is discovered. No IM protocols in use today are peer-to-peer based, they are all server based (otherwise firewalls would have prevented IM from taking off amongst the Joe Sixpack crowd.)

These bots all have distinctive signatures

Liza virus next?

[Golias]

"Why do you say I'm a virus?"
"How does thinking I'm a virus make you feel?"
"What do you mean by that?"
"Come, come. Elucidate your feelings."

Re:lol no this is not a virus

[Koiu Lpoi]

*correction*

Windows needs to be fixed so that executables renamed as PIF are NOT executed. God that's stupid.

Re:lol no this is not a virus

[tpgp]

Windows needs to be fixed so that executables renamed as PIF are NOT executed. God that's stupid.

How about fixing windows so that it uses execute bit in the filesystem, rather then the extension of the file to decide whether to execute something or not?

Re:lol no this is not a virus

[_xeno_]

Windows NT/2000/XP already have this (sorta). You can set execute privileges on files, just like in UNIX.

However, a default Windows XP install will be set up to inherit all permissions from the root of the drive, and will have the Users group set to Read, Execute, and Traverse Directories. So everything you download is by default executable, and no program I know of ever bothers to unset that. (Actually, the latest version of IE will store some metadata with executable files downloaded through it that marks the file as being "untrusted," but I think that only Windows Explorer (basically, IE itself) actually respects that metadata.)

The other thing you need to understand is that, like UNIX, you can essentially exec (on Windows, ShellExecute [microsoft.com]) any file on the system. Unlike UNIX, though, the kernel won't actually try and interpret the file. Instead the Windows API (I think) will look up the file type and send the file off to the approriate handler. So when you call ShellExecute, you're essentially acting like the user clicked on the file in Windows Explorer. To most programs like AIM, there's no difference between executing another program and opening a file in its viewer. As far as I know, there's really no way of asking Windows "are you going to just look at that, or actually run that?"

The basic point here is that while Windows XP (and NTFS) do support an Executable flag, by default it's always on. Plus the "launch file" API will also run programs, and there's really no way to be certain that a file you're launching won't essentially be an executable.

Re:lol no this is not a virus

[tpgp]

So people can send out executable jpegs? No thanks.

I said execute bit in the filesystem.

So - the virus would come in from the mail system with the execute bit set to 0, the user would have to download the file, get its properties, and tick the "execute" checkbox.

Re:lol no this is not a virus

[jim_v2000]

We have users that are already downloading zip files, opening then, running the executable and getting infected. Is it really that much harder to also check a box in order to get infected? I don't think it would make a difference.

From the TFA.....

[RITMaloney]

"When receiving a link in an instant message, the best practice is to verify with the sender if the link was sent intentionally or not."

S7uP3D UZ3R: Did you mean to send this? Or is it a virus or something?

SMERT VIRI: lol no this is not a virus

S7uP3D UZ3R: Kewl! Thnx 4 the link!

Journalists!

Re:lol no this is not a virus

[SatanicPuppy]

Sure it would. Just don't tell them how to do it.

Seriously. I think if you're too dumb to be able to right click, select properties, click the permissions tab, and select "execute", apply, and ok, then you should not be able to install the latest "Hello Kitty" mouse pointer or whatever other crap you've managed to download.

Re:lol no this is not a virus

[DrSkwid]

This user that somehow managed to Run Explorer, clicked Tools ... Folder Options, clicked the View tab and unticked "Hide file extensions of known file types".

(we'll ignore the WTF of unhiding something by unticking it)

Re:lol no this is not a virus

[MoogMan]

I can imagine it now:

dingALing!

"lol no this is not a virus. but u gotta chown root:root notavirus; chmod o+xS notavirus to read it!"

Re:lol no this is not a virus

[morgan_greywolf]

This should be moderated 'Insightful', not 'Funny'.

Seriously, the problem is user education. People believe ANYTHING that appears on their computer screens, much in the same way people believe ANYTHING that appears on the TV news.

The problem we have is that too many people lack the critical thinking skills necessary to operate a computer (or watch the TV news).

Re:lol no this is not a virus

[PitaBred]

What we need to do is start running news reports that say "Playing hopscotch on the interstate is now deemed safe by scientists" and let the problem solve itself.

Uhh... Windows DOES have the Execute "bit"

[AKosygin]

On NTFS formatted filesystems, you can use the ACL to default set it so that all files saved will not have the "Execute File" permission. You just deselect "Allow" for the line that says "Traverse Folder / Execute File" for the "CREATOR OWNER" entry and "Apply onto" "Files Only" for the scope and allow propagation down.

Or, you can go into your Group Policy Object (Local Computer or Domain) and by default in your Software Restrictions Policy disallow execution unless they were in areas of the file system you designate, I.E.: "Program Files" folder. And if I remember correctly, saved files from current versions of IM programs are saved in "My Documents" outside of the "Program Files" folder by default.

Re:lol no this is not a virus

[intangible]

How about, and here's a tough one: Microsoft unhide the @%$@#$%@ file extensions on everything by default. WTF is up with hiding them?

How many trojans are named "something.jpg.exe" or just have a picture icon, or html icon when it's truly an exe? What motard at MS thought hiding "the oh so complex" file extension was a good thing?

Seriously, this one has bugged me for years. Dumbing down computer interfaces beyond a certain point is just asking for trouble.

Re:lol no this is not a virus

[tsa]

Apple also hide file extensions by default. It's amazingly annoying, but I never here anyone complain about that, only about MS doing it. Weird.

Re:lol no this is not a virus

[Blakey Rat]

Not only that, but MacOS (even back to version 1) makes it really easy to disguise a executable as any other type of file. And from version 7.0 on, you can even paste any icon over any type of file.

But yes, nobody complains except when Microsoft does stuff like this. Goofy.

What's even goofier is that in OS X, as far as I can figure, "show file extension" is a file-specific flag, not a user-specific flag. Unless I'm missing something, it's impossible to get OS X to show file extensions on all files all th

Re:lol no this is not a virus

[NatasRevol]

In at least Panther and Tiger:

Finder>Preferences>Advanced

Tick the Show all file extensions box.

Enjoy .app all over the place.

Re:lol no this is not a virus

[Xyde]

"Show all file extensions" under Preferences in the Finder. OS X is pretty smart too, even if it's turned off, if you make a file like "pamela_nude.jpg.app" it will show the full extension cause it knows you're trying to be sneaky :)

Re:lol no this is not a virus

[ceoyoyo]

That's my point; hiding the file type in the meta-data makes it *very* each to make "jpeg" file that has the icon for a "jpeg" file but is actually an application. And since you need ResEdit, or an equivalent utility, to see the actual metadata that determines this, it's very hard to detect. Or you can hit apple-i (File|Get Info for the keyboard impaired) and look at the file type. OS X applications are actually folders, which you can't just download (they have to be tarred or zipped, then unpackaged on y

Re:lol no this is not a virus

[Jaruzel]

No, PIFs are now legacy.

On 2000,XP and 2003 DOS apps settings are now held in two places, the registry and inside the .LNK file (the actual shortcut).

However, PIFs are still supported execution-wise in the OS to maintain backwards compatiblity - something that *shuold* have been eradicated/managed-out with XPs SP2 and all it's 'security' updates - something along the lines of:

'You've have tried to run the file CelineDionNaked.jpg.pif, this may not be a legitimate application. Choose Run to run the file, Delete to delete the file, and Update to convert to a Windows XP icon.'

-Jar.

Re:lol no this is not a virus

[eMartin]

"You've have tried to run the file CelineDionNaked.jpg.pif, this may not be a legitimate application. Choose Run to run the file, Delete to delete the file, and Update to convert to a Windows XP icon."

For many people, that sentence would mean nothing other than "hit run to proceed".

Re:lol no this is not a virus

[gg3po]

'You've have tried to run the file CelineDionNaked.jpg.pif, this may not be a legitimate application. Choose Run to run the file, Delete to delete the file, and Update to convert to a Windows XP icon.'

Anyone that would even be remotely interested in clicking on a file that was labeled CelineDionNaked.* has more immediate and serious issues than their pWn3d w1nbl03s box.

Re:lol no this is not a virus

[g00z]

You've have tried to run the file CelineDionNaked.jpg.pif, this may not be a legitimate application. Choose Run to run the file, Delete to delete the file, and Update to convert to a Windows XP icon.'

Even if that file was a legitimate image, the damage done to my soul would be far worse than any virus could do to my computer.

Re:lol no this is not a virus

[prionic6]

This will come in to you from another AIM-user you KNOW and who is infected. Not some stranger.

Re:lol no this is not a virus

[tehshen]

You forgot to include "lol this is not flamebait" in your post.

Viruses have always talked to you

[thatguywhoiam]

Anyone remember "give me a cookie? [netlux.org]"

What is this, a turing test?

[grasshoppa]

Question: How can you tell you are talking to a virus on AIM?

Answer: It sounds more intelligent than a normal user

Re:What is this, a turing test?

[FidelCatsro]

Q: How many AIM Users does it take to propagate a worm
A: OMG 1337.101

Q: What's the difference between the average AIM user and a Worm
A: One is slimy , insidious , hard to get rid of and invades your system , the other is a self replicating program able to propagate over a network

say goodbye....

[xao gypsie]

To every 13 year old in the US and europe.....

Re:say goodbye....

[rbochan]

You say this likes it's a bad thing ;o)

Now if this would only hit battlenet servers...

It's not the first small app that will talk to you

[AviLazar]

A.L.I.C.E. [pandorabots.com]

This is a small app and she will talk with you - pretty well. So the fact these guys use something similar (it might even be this app) is no big surprise.

That's why I use Trillian..I still haven't figured out how come it won't let me download files, or even get pictures from other people or even do any kind of direct connect :D

Re:It's not the first small app that will talk to

[DickBreath]

ELIZA type programs of various flavors have been around for decades, and ran on computers that were very slow / small by today's standards. Heck, an Eliza-style program, and even its LISP interpreter could fit in 64K, or easily on half a megabyte. And that is the runtime requirement. The code itself could easily be a minor addon to a modern day malware.

If you read some classic LISP texts, such as Norvig's book on AI using Common Lisp, or another book The Elements of Artificial Intelligence, and other classic texts, there are probably a lot of algorithms that could be used.

Turn the spread of the malware into some kind of gameplay problem and use AI algorithms to optimize the "gameplay" of the spread?

The next generation

[QuaintRealist]

Honestly (and no, I'm not a programmer), the potential here scares me. It seems to me that "interactive" automated intrusion is going to be a serious issue for security. Yes, the truly prudent are (as usual) safe, but the gap between the "luser" and people like me and my co-workers is going to get smaller.

I really do have some of our local users using vmplayer virtual machines to access the internet (the ones with Windows laptops) - and a lot of services shut down (chat, in particular) that some would like to use.

Those who know more than I (most of you) - any comments?

Re:The next generation

[maxwell demon]

Well, just wait until the AI gets more advanced. Then it will first sit silently on your computer for a while and watch your chatting behaviour. And then it will try to imitate you.

Re:The next generation

[maxwell demon]

No, you misunderstood. It would at first sit there and watch you, and then, after it has learned enough about your behaviour, it contacts your buddies and tries to look like you to them.
For example, it could catch typical phrases you use, as well as about what topic you chat with whom. That way, it could manage to not only chat from your account, but at the same type look so "typically you" that your buddies would more likely accept them as you, and therefore download the virus file (the stated contents of which would also be adapted, so if you typically chat with one of your buddies about programming, then it may e.g. claim to have found a great new code analysis tool, while to the other buddy you are talking about movies with, it would be e.g. a trailer to a new movie).

Turing Test

[fuyu-no-neko]

There's 2 ways to pass the Turing Test: make the program more intelligent, or pick examiners who are more dumb. Virus writers pick the later option.

Not a virus post

[Anonymous Coward]

Tell me more about now they will even talk to you.

If it's so smart...

[Brent Spiner]

how do I know that the virus didn't submit this Slashdot article? Maybe it's just propagating more lies.

/Puts tin-foil hat on

Re:If it's so smart...

[Marsala]

lol no it's not a virus

Re:If it's so smart...

[bcmm]

We have a new /. meme on our hands people...

Re:If it's so smart...

[Viper Daimao]

$sys$meme

Re:If it's so smart...

[ThinWhiteDuke]

Well, I'm having trouble convincing myself that most Slashdot posts are not written by a virus.

I'm holding out for the one that actually talks...

[Vokkyt]

I mean, typing its own message is good and all, but not that impressive or scary. Now, when it is able to hijack the read text feature and play psychological mind tricks on me, that's impressive:

"Click the link Dave...why haven't you clicked the link? Do you not like me any more? If you don't, I could just go over here in the corner and format myself...after all, you don't like me anymore, else you would click the link..."

The only way it can get better after that is changing psychological mind tricks to Jedi mind tricks:

"You will click the link."

And when you remove the virus...

[hal2814]

And when you remove the virus it says, "I'm scared, Dave."

The newest front

[sammy baby]

The virus will reply 'lol no this is not a virus.'

My friends, we are fighting a war: a war on stupidity.

And clearly, we are losing.

Re:The newest front

[Anonymous Coward]

My friends, we are fighting a war: a war on stupidity.

It's sort of like natural selection for computer users, except somebody else keeps coming in and fixing their computers...

Re:The newest front

[Gadgetfreak]

You know, honestly, we've been fighting stupidity for quite some time now. More and more it seems like most of my fellow Americans want someone else to take responsibility, and someone else to take care of their problems for them. There's a general lack of desire to be intelligent or self-reliant. With advancing technology, more and more people begin to fall behind... it's getting to a point where people just aren't smart enough to take care of themselves.

Yup

[tacokill]

Yep. That's exactly the plan. Thanks for your comment.

Sincerely,
The US Government

Re:Not everything is a "war".

[sammy baby]

I'm not sure why Americans see fit to label nearly every struggle a "war". There is the "War" on Drugs, "War" on Terror, and now this "War" on Stupidity that you're babbling about.

Perhaps it is because you have not experienced true war, as much of Europe and the rest of the work has. Sure, you can talk about the American Civil War, but that conflict pales in comparison to the real conflict that Europe witnessed during the first half of the 20th century.

My friends, we are fighting a war: a war on humor.

And clearly, we have lost.

Landshark!

[erroneus]

Why does this remind me of the old SNL Landshark routine?

Solution

[Red Flayer]

"The virus hides users from seeing the messages sent out to members of their buddy list. Viruses are evolving; now they will even talk to you."

That's why I Touring-test every single person I ever chat with on IM clients. Sure, no one really wants to talk to me after 30 questions, but I kinda like sitting in an empty chat room.

Re:Solution

[maxwell demon]

That's why I Touring-test every single person I ever chat with on IM clients.

You mean you invite that person for a touring trip and consider anyone who rejects that offer as AI?

What would happen if...

[squoozer]

...sombody added the virus to their buddy list. It would start chating with itself. Download itself and then infect itself thus commiting suiside. A cunning ploy, I think, to rid the world of this problem.

Re:What would happen if...

[multipartmixed]

Wow, sounds like you should be working for Berman and Braga!

Does this mean?

[BushCheney08]

Does this mean that September is almost over?

Re:Does this mean?

[kbahey]

Just to put some context, this is a reference to the September that never ended [wikipedia.org].

People are lazy these days...

[jacobcaz]

• lol no this is not a virus

So it will sound like almost every other meat-head out there using instant messaging? It will blend right in! I have received less comprehendable IMs from people who would consider it a mortal sin to be anything other than professional in person or on paper.

Why does all respect for grammar and spelling (and not sounding like a 12 year old) go out the window when instant messaging technology is involed (especially in a business setting)?

Re:People are lazy these days...

[beanyk]

I have received less comprehendable IMs from people who would consider it a mortal sin to be anything other than professional in person or on paper.

Umm ... I think you meant comprehensible [reference.com]. [Yes, I know I'm being petty.]

Re:People are lazy these days...

[jacobcaz]

Because time is money even in the IM world.

Time is indeed valuable, but where in a professional setting would the equilivent of "lol" be acceptable? I can't think of anywhere I would use that, and in person or in writing most "professionals" would never dream of using that type of reduced language either.

If a person is really so busy as to be bombarded by instant messages non-stop, maybe they should evaluate what percentage are really critical and ignore the rest? That time/money saying is really all

Re:People are lazy these days...

[meringuoid]

Because time is money even in the IM world. With probably hundreds of people on that person's buddy list, chances are they're talking to multiple people at once. Why use proper grammar to talk to one person when you can ignore netiquette and talk to five people in the same time?

What rot. If you're using IM for business purposes, you'd better be spending more time thinking about what to say than you spend saying it. Legally, you're putting this stuff in writing. They could log what you say over IM and use

Re:People are lazy these days...

[Fandango]

That's why I added some autotext entries on my Sidekick to convert "u" into "you", "ur" into "your", "u're" into "you're", "b4" into "before", "l8r" into "later", etc. Now I can thumb-type more quickly and not sound like a luser.

Not too intelligent

[mcb]

I've gotten this from several people on my list in the past few days... it basically spams a message, usually the same one, every hour or so, with the same link. It just fakes the address, the real link is to: http://209.235.17.26/My_Christmas_Card.SCR [209.235.17.26]

(06:41:27) xxxx: This AIM user has sent you a Christmas Card! To open it please visit: http://greetings.aol.com/index.pd?source=greetings card?my_christmas_card.scr [aol.com]
This senders personal note: Merry Christmas!
(06:41:27) yyyy : Sorry, I ran out for a bit!
(08:42:59) xxxx: This AIM user has sent you a Christmas Card! To open it please visit: http://greetings.aol.com/index.pd?source=greetings card?my_christmas_card.scr [aol.com]
This senders personal note: Merry Christmas!

Quake 2 Ratbot

[TheFlyingGoat]

Anyone who played Quake2 must be familiar with ratbot. It would respond with "Yeah !!! I am a R A T B O T !!!!! ?? " or "Please help me !!! What is a bot ??" if someone's message included the text "ratbot". This worm reminds me of that... annoying, but in a really funny way.

The Enemy

[Moby Cock]

'lol no this is not a virus.'

That is exactly what a virus would say. The response should be:

lol, yeah, I AM a virus!!!1!!

That would be unstoppable.

Already exists

[Chemisor]

Hi, I'm a signature virus. Copy it into your sig to help me spread!

Well, my house is safe!

[Tiberius_Fel]

My house is safe. We switched my teenaged sister to a Mac, and the number of viruses entering the house quickly dropped to zero. No matter how many times I said "Don't click on the link you get in IMs...". Problem solved!

Viruses are evolving?

[nekoniku]

Viruses are evolving

Seriously now, are viruses really evolving or is it just that the techniques used by virus writers are evolving? And my Inner Philosopher wants to know if there's a difference and if this has anything to do with Intelligent Design.

I better stop now.

Good!

[Moby Cock]

Viruses are evolving; now they will even talk to you

Good! At least something will! The wife has been giving me the cold shoulder since the ... incident.

LOL

[jayayeem]

This post is not a troll

Integrated AI

[Durzel]

I'm surprised these AIM worms haven't yet integrated with those award-winning AI bots used to fool other humans (e.g. Jabberwacky [jabberwacky.com] or ALICE [alicebot.org]).

Having said that, when I asked Jabberwacky "Is this a virus?" it said "Well, I hope so." Not very reassuring..

I Remember The Old Days

[gadlaw]

I remember the old days when you'd actually get a message from someone who was a human being. Haven't seen this AIM spam bit but there is one in ICQ which is pretty crude. Says hi then sends it's link if you respond. Of course the bots have no info on themselves, have hidden ips and are easy to spot as the bots they are. The people who create and unlease these things belong in the same jail with the email spammers.

Now if the worm could just post on slashdot...

[aapold]

and ilnk the site... well, it would be unstoppable until the site crashed. But I'm sure someone would mirror the virus so it could keep rolling...

My conversation

[Sheepdot]

A conversation I had with my littlest sister this morning:

missmag: http://myspace04.myphotos.cc/clarissa17.pif [myphotos.cc]
missmag: lol thats cool
sheep.: what is cool? It's a pif, don't run those.
missmag: lol no its not its a virus
sheep.: holy crap, you're finally trying to follow in your brother's footsteps?
missmag: lol thats cool
sheep.: damn straight, I'll download it now. Let's see which of us can figure out what it does first. It'll be a game!
missmag: lol no its not its a virus
sheep.: uhhh.. I'm noticing that you're repeating yourself.
missmag: lol thats cool
sheep.: oh okay, I didn't know that's what kids were into now.
missmag: http://myspace04.myphotos.cc/clarissa17.pif [myphotos.cc]
sheep.: yeah, I knew myspace was a big hit.
sheep.: back in my day it was BBSing, we used to trade porn for games and games for porn.
missmag: lol thats cool
sheep.: yeah, it got to be really popular community-wise, but I guess you all like myspace cause it's the new "hip" thing, right?
missmag: lol no its not, its a virus
sheep.: yeah I was thinking the same thing about livejournal
missmag: lol thats cool
sheep.: Okay now I'm certain there's something wrong, Maggie, are you there?
missmag: lol no its not, its a virus
sheep.: ...

"...Viruses are evolving; now they will even talk

[Senor_Programmer]

"Viruses are evolving; now they will even talk to you."

Dear esteemed friend,

Allow me to introduce myself. I am Dr. Ebola and am employed by the Ugandan ministry of oil...

Next step, EBAY.

[neo]

The computer will take over your computer, and then start selling off items in your house that it can see in your webcam on ebay, paid to it's own paypal account. After the money comes in, it will ditch your computer leaving you with a negative score on ebay.

In terminator we gave the computer the ability to control everything, but in the real world they'll just take it for themselves.

Note

[Sheepdot]

Note: The slashdot article says 'lol no this is not a virus.' The CNET article says "lol no its not its a virus".

The dawn of AI/Better Turing Test.

[freality]

If this technique keeps on working after a while, virus writers will have effectively passed the Turing test. Though as predicted, the Turing test will end up saying more about itself (and us) than AI. Perhaps there should be a Turing Test++ that identifies AI as intelligence capable of distinguishing a human from a virus bot soley by communication over IM.

progress in AI

[penguin-collective]

Some people may be tempted to misinterpret this that there has been considerable progress in AI (artificial intelligence). Actually, however, this is more indicative of progress in NS (natural stupidity).

Trust me

[Cro Magnon]

Please post your banking information here. lol, this am not a phishing atempt!

AIMFix removes these

[jayloden]

I wrote and maintain a free AIM / IM specific antivirus tool called AIMFix [slashdot.org] that removes these two worms in several variations. I've been working with this stuff since 2003 (AIMFix is used by dozens of Universities as part of official cleaning procedure and recommendations, see the users page [jayloden.com] for details). In particular, these two worms have been eating all of my free time for the last three or four days with several variants and some new behavior (installing as services only, rather than registry keys all over the place, etc). They're also hiding as Windows filenames, but in different directories, like C:\Windows\svchost.exe (instead of system32), C:\Windows\taskmgr.exe, etc.

It is so incredibly weird seeing these stories in the media. I've been so deep into researching them and writing updates to AIMFix to keep abreast of everything that it comes as a total surprise to see a media outlet cover them. I've gotten countless emails from people who got hit by these two worms, and I've become quite familiar with the symptoms over the past few days, yet at the same time I'm uniquely ignorant of the rest of the story (the AI aspect, etc) because I only end up dealing with the nitty gritty that happens on the symptoms and removal level. Go figure.

-Jay

Re:AIMFix removes these

[jayloden]

Dammit slashdot...that link was supposed to be http://jayloden.com/aimfix.htm [jayloden.com]

If you want the binary only: http://jayloden.com/AIMFix.exe [jayloden.com]

These lusers don't know and they don't care

[Secrity]

These are the same people who also don't know and don't care that they allowed music disks to install rootkits and backdoors on their computers.

Re:Eliza Virus?

[meringuoid]

Let me know when it will have hot N3TS3X with you, and I'm in!

The frightening thing is, that would probably be pretty easy to code. The net is full of freely-available pornographic stories; extract a whole bunch of phrases from those, use an Eliza-like system to select the right one for the circumstances and incorporate elements of what the user just said into your response...

You could write up a pretty effective cybersex bot, and you could program it to offer to send across 'cam pix' once in a while. Which would, of course, be virus-ridden.

Better yet, once you've written it you could have it communicate with sad lusers via SMS at, oh, 20p per message. And make a killing. Excuse me, I have an Eliza-bot to hack up with some pornography. bbl, d00dz.

Re:Eliza Virus?

[Anonymous Coward]

I put on my robe and wizard hat.

Re:How dumb can you be?

[$RANDOMLUSER]

> Now if the NormalUser thinks it's someone normal talking to them, he's quite dumb.

Uhhhhhhhh...

Re:The one I got is much worse..

[CyricZ]

It's called W32.Girlfriend.M and not only does it talk, it won't shut the hell up!

Your mother is not your girlfriend. And when she tells you to shave your beard, to stop eating so many Fritos, and to get a job, you should listen to her!

Re:Turing tests

[wk633]

The Turing test is turning out not to be a test of artificial intelligence, but of human stupidity.