Malicious Website/IM/Trojan Horse: Trojan BOT spreading through IM

Websense® Security Labs™ has received reports of an Instant Messaging worm that targets users of AOL Instant Messenger (AIM). The user receives an unsolicited message within AIM that prompts the user to visit a website and view a funny picture. The message reads, " so funny hhehe" and is followed by the URL.

If the user clicks the URL, an application disguised as a server-side PHP script downloads. The application is a variant of the RBOT Trojan Horse, which opens a backdoor on the local machine and connects the user to BOT Network.

The site is hosted in the United States and was up at the time of this alert. Websense® - Security Labs Alert: Trojan BOT spreading through IM

Linked by shanmuga Friday, 14th October 2005 1:38AM