Trojan Horse Downloaders and Spyware spreading through AIM


WebsenseŽ Security Labs has received reports of an Instant Messaging worm that targets users of AOL Instant Messenger (AIM). The user receives an unsolicited message within AIM that prompts the user to visit a website and run a program. Messages are either:

see thing!! http://URL Removed

or

HILARIOUS!! http://URL Removed

We have seen several versions of the URL. Some are up and some have been taken down. All have been hosted on personal web pages at ISP's, have had the extension of ".com", prefixed by "~username, and either "image" or "pic," followed by a number and extension.

Upon execution, the Trojan Horse modifies........ WebsenseŽ - Security Labs Alert: Trojan Horse Downloaders and Spyware spreading through AIM

Linked by shanmuga Thursday, 27th October 2005 10:35PM