Nmap Security Scanner
*Intro
*Ref Guide
*Install Guide
*Download
*Changelog
*Book
*Docs
Security Lists
*Nmap Hackers
*Nmap Dev
*Bugtraq
*Full Disclosure
*Pen Test
*Basics
*More
Security Tools
*Pass crackers
*Sniffers
*Vuln Scanners
*Web scanners
*Wireless
*Exploitation
*Packet crafters
*More
Site News
Site Search:
Exploit World
Advertising
About/Contact
Credits
Sponsors:

isn logo Information Security News mailing list archives

JPEG flaw gets instant messaging worm
From: InfoSec News <isn () c4i org>
Date: Thu, 30 Sep 2004 05:25:23 -0500 (CDT)
http://www.theinquirer.net/?article=18770

By Nick Farrell
30 September 2004

VIRUS WRITERS have released an Internet worm that propagates using
instant messages and exploits the JPG flaw in Microsoft. Researchers
at The SANS Institute's Internet Storm Center (ISC) have had two
reports of a worm being installed using AOL messenger.

The victims complained that they received messages on America Online's
AOL Instant Messenger service that lured them to Web sites containing
a JPEG that contained the malicious code.

The messages told the users to "Check out my profile, click GET INFO!"  
But when they visited the site, the malicious code would attempt to
install backdoor software.

Additionally, messages containing a link to the site would be sent out
to all contacts on the victim's instant messenger contacts list.

The ISC said the attempts failed but showed that hackers were starting
to build code using the JPEG vulnerability.



_________________________________________
Donate online for the Ron Santo Walk to Cure Diabetes - http://www.c4i.org/ethan.html

  By Date           By Thread  

Current thread:
  • JPEG flaw gets instant messaging worm InfoSec News (Sep 30)
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]