Your name or email adress:
Do you already have an account?
Forgot your password?
  • Log in or Sign up


    Results 1 to 4 of 4
    1. #1
      Jahness's Avatar
      Jahness is offline OniOni Warrior

      Join Date
      Mar 2005
      Location
      In amerikkka! Stolen from Afrika!
      Posts
      6,827
      Thumbs Up/Down
      Received: 1/0
      Given: 18/0
      Rep Power
      616

      Arrow AOL Users Please Read!.... 'Frankenstein' Attack Hits AIM (AOL Instant Messenger)


      0 Not allowed! Not allowed!
      'Frankenstein' Attack Hits AIM

      John E. Dunn,
      Techworld.com

      A potentially destructive new worm is targeting users of the America Online instant messaging service.

      Called W32/Sdbot-ADD by Facetime Security Labs, the vendor that first reported its existence in a less harmful version some weeks ago, this is a worm with a troubling and innovative twist--it installs a rootkit-like backdoor on any machine it manages to infect.

      Chris Boyd of Facetime, the researcher who discovered the new and dangerous W32/Sdbot-ADD malware bundle, describes it as being a low to medium risk, but one the company is publicizing because of its dangerous effects. If it infected a PC, he would consider reformatting the machine from scratch, he said.
      How it Works

      An attack starts with an AOL Instant Messenger (AIM) user being asked to open a link, apparently at the request of an AOL "buddy" or contact. Clicking on this initiates the infection sequence, which starts with the dropping of a number of adware files, and the rootkit software itself, lockx.exe.

      Once on the PC, the malware attempts to shut down antivirus software, install software that allows the PC to be remotely controlled by IRC, and open a backdoor for future attack. It also contains an SMTP engine with which to collect e-mail addresses.

      The vendor has classified it as being the first IM rootkit because of the way it attempts to hide traces of its existence. The rootkit file's use of IRC is also considered especially dangerous because it allows attackers to execute remote commands.
      Mix of Methods

      Facetime's Boyd says the "Frankenstein-like" malware has strange properties that mark it out. Several of the adware components it installs have been seen before, for instance. What was innovative was the mixture of many different components, the installation of such a potentially dangerous executable, and the fact it attacks through the generally unprotected channel of instant messaging.

      The infection route was also by way of a link leading to a blank page, in contrast to conventional "drive-by" infections that dropped malware from real Web pages.

      Facetime's tests indicated that several antivirus programs were not able to detect the malware. Equally, most antivirus programs don't monitor the IM channel, so this is not surprising. Once on a PC, the malware runs like any other unidentified executable.

      "They (the malware writers) will push out many variants in order to confuse things," said Boyd, describing the new outbreak as probably a "dry-run attempt" for something to come.

      http://news.yahoo.com/news?tmpl=stor...6&sid=96089681

      Copyright © 2005 PC World Communications, Inc.
      Posted In The Spirit of Learning & Sharing
      One Love & Respect Always

      ***************************************
      The Quest for knowledge stops at the grave.
      HIM Emperor Haile Selassie I.


      If you fail to prepare,
      you are preparing to fail!


      Mind what you want, because someone wants your mind.

      Working together, the ants ate the elephant.


    2. #2
      JrFem's Avatar
      JrFem is offline Warrior

      Join Date
      Feb 2005
      Posts
      244
      Thumbs Up/Down
      Received: 1/0
      Given: 0/0
      Rep Power
      106

      0 Not allowed! Not allowed!
      I didnt get infected, or i dont know. But i got an aim message from my "friend" and stupidly opened the file. i had to run virus scan 5 or 6 times before it stopped finding a virus. It reminds me that i have to back up my information...my last backup was in may. I gotta do that stuff more often...
      -jennia
      "forward ever"

    3. #3
      Jahness's Avatar
      Jahness is offline OniOni Warrior

      Join Date
      Mar 2005
      Location
      In amerikkka! Stolen from Afrika!
      Posts
      6,827
      Thumbs Up/Down
      Received: 1/0
      Given: 18/0
      Rep Power
      616

      Arrow


      0 Not allowed! Not allowed!
      Quote Originally Posted by JrFem
      I didnt get infected, or i dont know. But i got an aim message from my "friend" and stupidly opened the file. i had to run virus scan 5 or 6 times before it stopped finding a virus. It reminds me that i have to back up my information...my last backup was in may. I gotta do that stuff more often...

      Greetings JrFem

      Yes, always scan files before opening or downloading. Backing your files up is very important, because you never know when you might need to have a clean copy.

      Try and at least backup once a month, and if you ever feel as if you compronmised your system and was exposed to a virus, then immediately run your virus scan and clean up your system.

      Much appreciation to you for sharing your views.

      Peace & Blessings!
      Posted In The Spirit of Learning & Sharing
      One Love & Respect Always

      ***************************************
      The Quest for knowledge stops at the grave.
      HIM Emperor Haile Selassie I.


      If you fail to prepare,
      you are preparing to fail!


      Mind what you want, because someone wants your mind.

      Working together, the ants ate the elephant.


    4. #4
      Raha's Avatar
      Raha is offline Be EASY.

      Join Date
      May 2005
      Location
      SW H-Town
      Posts
      2,031
      Blog Entries
      11
      Thumbs Up/Down
      Received: 0/0
      Given: 0/0
      Rep Power
      244

      0 Not allowed! Not allowed!
      Does this also apply to those who use programs like Trillian?
      Pyrrhic Victory (New songs are up!): http://www.reverbnation.com/pyrrhicvictory

      Some people take themselves WAY TOO SERIOUSLY, when in actuality, no one else is really taking them as seriously as they think.

    Thread Information

    Users Browsing this Thread

    There are currently 1 users browsing this thread. (0 members and 1 guests)

    Similar Threads

    1. Replies: 0
      Last Post: 12-24-2015, 01:02 AM
    2. South Africa: Local Micro-Jobbing Service Hits 70 000 Users
      By TTDC Bot in forum Afrikan News RSS Feed
      Replies: 0
      Last Post: 05-09-2015, 01:00 AM
    3. Frankenstein
      By TTDC Bot in forum Revolutionary Daily Thoughts
      Replies: 0
      Last Post: 12-17-2008, 04:20 PM
    4. Download Assata Instant Messenger
      By XXPANTHAXX in forum Assata's Messenger
      Replies: 0
      Last Post: 10-06-2008, 08:02 PM
    5. Helicopter attack hits African Union's bid for Sudan peace
      By Jacuma in forum Afrikan World News
      Replies: 0
      Last Post: 12-21-2004, 02:15 AM

    Thread Participants: 2

    Posting Permissions

    • You may not post new threads
    • You may not post replies
    • You may not post attachments
    • You may not edit your posts
    •  


    About

      Assata Shakur Speaks is an Forum Devoted To Assata Shakur And All Political Prisoners Around The World.
      Assata Shakur Speaks Is An Oasis Of Pan African Information Geared Towards The Liberation Of Afrikan People.

    Follow Us On

    Twitter Facebook youtube Flickr DavianArt Dribbble RSS Feed



    BACK TO TOP