Hackers building 'botnet' with AOL instant messaging worm
Hackers using computer worms sneakily implanted via America Online (AOL) instant messages were building a potentially evil "botnet," a Silicon Valley Internet security firm said.
FaceTime security specialists advised users not to open any files sent to them via AIM.
FaceTime Security Labs identified the worm as "W32.pipeline" and said the executable software tricked its way into people's computers by posing as a picture attached to an instant message from someone on their AOL "buddy list."
Once in computers, the worms open the doors to download infectious software that essentially lets those behind the invasion take control of the machines, according to FaceTime.
"The motivation for the bad guys seems to be in lining up as many 'install chains' as possible to insure a consistent pipeline that can be controlled by their rogue botnet," said FaceTime director of malware research Chris Boyd.
AIM users are duped into letting the worms in through psychological ploy from the "social engineering" playbook, according to FaceTime.
The infected attachments are disguised as image "JPEG" files and arrive with AIM messages to the effect of "hey would it (be) okay if i upload this picture of you to my blog?"
The worm sends copies of itself to addresses found on AOL instant messaging (AIM) buddy lists of newly infected machines, FaceTime said.
The robotic computers can be amassed in a network referred to as a "botnet."
"FaceTime researchers believe that the ultimate goal of the W32.pipeline is to create a sophisticated botnet that can be used for a range of malicious purposes," the Foster City, California, company said in a statement.
Botnets under the control of hackers can be mined for personal information or used to send junk e-mail or overwhelm business websites with simultaneous requests in what are known as "denial-of-service" attacks.
Hackers could also use zombie machine armies to commit "click fraud" by having them repeatedly connect to Internet advertising for which businesses are charged per click.
FaceTime Security Labs identified the worm as "W32.pipeline" and said the executable software tricked its way into people's computers by posing as a picture attached to an instant message from someone on their AOL "buddy list."
Once in computers, the worms open the doors to download infectious software that essentially lets those behind the invasion take control of the machines, according to FaceTime.
"The motivation for the bad guys seems to be in lining up as many 'install chains' as possible to insure a consistent pipeline that can be controlled by their rogue botnet," said FaceTime director of malware research Chris Boyd.
AIM users are duped into letting the worms in through psychological ploy from the "social engineering" playbook, according to FaceTime.
The infected attachments are disguised as image "JPEG" files and arrive with AIM messages to the effect of "hey would it (be) okay if i upload this picture of you to my blog?"
The worm sends copies of itself to addresses found on AOL instant messaging (AIM) buddy lists of newly infected machines, FaceTime said.
The robotic computers can be amassed in a network referred to as a "botnet."
"FaceTime researchers believe that the ultimate goal of the W32.pipeline is to create a sophisticated botnet that can be used for a range of malicious purposes," the Foster City, California, company said in a statement.
Botnets under the control of hackers can be mined for personal information or used to send junk e-mail or overwhelm business websites with simultaneous requests in what are known as "denial-of-service" attacks.
Hackers could also use zombie machine armies to commit "click fraud" by having them repeatedly connect to Internet advertising for which businesses are charged per click.
0 Comments