A new worm that targets users of America Online's AOL Instant Messenger is believed to be the first that actually chats with the intended victim to dupe the target into activating a malicious payload, IM security vendor IMlogic warned Tuesday.
According to IMlogic, the worm, dubbed IM.Myspace04.AIM, has arrived in instant messages that state: "lol thats cool" and included a URL to a malicious file "clarissa17.pif." When unsuspecting users have responded, perhaps asking if the attachment contained a virus, the worm has replied: "lol no its not its a virus", IMlogic said.
The malicious file disables security software, installs a backdoor and tweaks system files, the company said. Then it starts sending itself to contacts on the victim's buddy list.
But the worm is programmed so that the infected user cannot see the messages that are being sent out by the worm, according to IMlogic.
"This is a first," said Andrew Burton, director of product management at Waltham, Mass.-based IMlogic. This worm is not widespread, but attackers are just trying out this new technique, he said. "We will see one or two instances of an attack, there will be a refinement and then there will be an outbreak."
The inclusion of an IM bot is another sign that IM worms are becoming more sophisticated. Another worm, also spotted on Tuesday, takes a more traditional route: it spreads under the guise of a holiday greeting card, IM security specialist Akonix Systems said Tuesday.
The holiday worm, dubbed Aimdes.E, targets AIM users and arrives with the message: "The user has sent you a Greeting Card, to open it visit:" followed by a link. Once the target clicks on the link, the worm installs itself on the system. It opens a backdoor on the computer and sends itself to contacts on the buddy list, Akonix said.
Advice to users is to be careful when clicking on links in IM messages--even when they seem to come from friends--and to use up-to-date antivirus software. When receiving a link in an instant message, the best practice is to verify with the sender if the link was sent intentionally or not.
Manic Progressive: A liberal who violently swings from anger at politicos to despondency over them.
Out Of Context theatre: Ron Paul has repeatedly said he's not a racist. - Destructinator XIII on why Ron Paul isn't racist.
That's pretty clever. Fucking annoying, but clever.
Only TEN men in the prison anal gangbang for this fucker.
Do not meddle in the affairs of insomniacs, for they are cranky and can do things to you while you sleep. The Realm of Confusion
"Every time you talk about Teal'c, I keep imagining Thor's ass. Thank you very much for that, you fucking fucker." -Marcao SG-14: Because in some cases, "Recon" means "Blow up a fucking planet or die trying." SilCore Wiki! Come take a look!
A few years ago, I found a chatterbot AI that hooked into ICQ. I unleashed it on the world for random conversations. Most people picked up on it pretty easily, but a few people chatted with it for hours on end, without a clue.
I'll have to see if I can find the logs.
Do not meddle in the affairs of insomniacs, for they are cranky and can do things to you while you sleep. The Realm of Confusion
"Every time you talk about Teal'c, I keep imagining Thor's ass. Thank you very much for that, you fucking fucker." -Marcao SG-14: Because in some cases, "Recon" means "Blow up a fucking planet or die trying." SilCore Wiki! Come take a look!
I was a little confused at first, when I saw Turing, I thought "Turing-recognizable" and was somewhat confused.
This could acutally be quite bad, even if it doesn't pass the test, it only needs to be 'somewhat' convincing, and it'll manage to infiltrate many a user, I'll wager.
SirNitram wrote:Yes, I said Sub-Turing. In that it's not quite clever enough to pass the Turing test, but will talk to you anyways.
For the morons this thing targets, it probably "talks" better english than them
"Okay, I'll have the truth with a side order of clarity." ~ Dr. Daniel Jackson.
"Reality has a well-known liberal bias." ~ Stephen Colbert
"One Drive, One Partition, the One True Path" ~ ars technica forums - warrens - on hhd partitioning schemes.
Take in mind, there is not yet an AI chatterbot that has officially passed the Turing Test, so technically all chatterbots are "Sub-Turing".
The test, by the way, is simply double blind experiments. It's really a rather subjective thing in some cases.
Generally speaking, I grade chatterbots by using the quality of Eliza as a guideline.
Do not meddle in the affairs of insomniacs, for they are cranky and can do things to you while you sleep. The Realm of Confusion
"Every time you talk about Teal'c, I keep imagining Thor's ass. Thank you very much for that, you fucking fucker." -Marcao SG-14: Because in some cases, "Recon" means "Blow up a fucking planet or die trying." SilCore Wiki! Come take a look!
Your head is humming and it won't go, in case you don't know, the piper's calling you to join him