Slashdot Mirror
New Worm Chats with Users on AIM
goldseries writes "CNet is reporting that a new
IM worm chats with users to get them to down load a file containing a virus. The virus replicates its self and sends its self out to user's buddy lists. The virus will reply 'lol no this is not a virus.' The virus hides users from seeing the messages sent out to members of their buddy list. Viruses are evolving; now they will even talk to you."
A.L.I.C.E.
:D
This is a small app and she will talk with you - pretty well. So the fact these guys use something similar (it might even be this app) is no big surprise.
That's why I use Trillian..I still haven't figured out how come it won't let me download files, or even get pictures from other people or even do any kind of direct connect
I mod down so you can mod up. Your welcome.
Does this mean that September is almost over?
Be a real patriot: Question authority. Think for yourself. Formulate your own conclusions.
Anyone who played Quake2 must be familiar with ratbot. It would respond with "Yeah !!! I am a R A T B O T !!!!! ?? " or "Please help me !!! What is a bot ??" if someone's message included the text "ratbot". This worm reminds me of that... annoying, but in a really funny way.
You have enemies? Good. That means you've stood up for something, sometime in your life. --Winston Churchill
Don't you just hate it when Insightful gets modded Funny?
I can picture it now. All these lusers whining about their toasted computers... 'But my buddy sent it to me! No, I know about viruses, so I asked if it was for real, and he said it wasn't a virus! It sounded just like him!'
How the hell is this going to be stopped? It's easy to beat the AOL Turing test, because these people use such a warped and simplified form of English that leaves out most of the quirks that give away the lack of any intelligence behind the text. Either we educate AOLusers - in English rather than in computer science - so that they use more complex language that machines can't readily mimic, or we shut down file transfers over IM.
Real Daleks don't climb stairs - they level the building.
My house is safe. We switched my teenaged sister to a Mac, and the number of viruses entering the house quickly dropped to zero. No matter how many times I said "Don't click on the link you get in IMs...". Problem solved!
Join the Empire! http://www.empirereborn.net/
Viruses are evolving
Seriously now, are viruses really evolving or is it just that the techniques used by virus writers are evolving? And my Inner Philosopher wants to know if there's a difference and if this has anything to do with Intelligent Design.
I better stop now.
"It's a wonderful idea. But it doesn't work." -- Tad Danielewski
Always interesting to see how virus technology evolves. But this... well just reminds me of a t-shirt note I saw somewhere... "Because there is no patch for human stupidity."
Some people just can not be educated.
Time is indeed valuable, but where in a professional setting would the equilivent of "lol" be acceptable? I can't think of anywhere I would use that, and in person or in writing most "professionals" would never dream of using that type of reduced language either.
If a person is really so busy as to be bombarded by instant messages non-stop, maybe they should evaluate what percentage are really critical and ignore the rest? That time/money saying is really all about time management!
A great book about Time Management (by the way) is "The Time Trap" by R. Alec MacKenzie.
I remember the old days when you'd actually get a message from someone who was a human being. Haven't seen this AIM spam bit but there is one in ICQ which is pretty crude. Says hi then sends it's link if you respond. Of course the bots have no info on themselves, have hidden ips and are easy to spot as the bots they are. The people who create and unlease these things belong in the same jail with the email spammers.
Enjoy your Karma, after all you earned it. Feel your Karma Joe, feel it burn.
Also: if we used proper grammar and spelling, I think it would be easier to filter spam. I'm not involved with the spam problem so much, but it seems to me "words" like v14gr4 would cause problems. Meanwhile if we could detect "v14gr4" isn't a word in our dictionary, we might be able to flag the email as potential spam. Then if you were working on something where the project's code name was "v14gr4" or something, the word would appear underlined, you would click it and click "Add word to dictionary." I don't know if that's even the best way, but I think if everyone used proper spelling and grammer, computer comprehension (and filtering) would be able to improve. I might be wrong.
How about, and here's a tough one: Microsoft unhide the @%$@#$%@ file extensions on everything by default. WTF is up with hiding them?
How many trojans are named "something.jpg.exe" or just have a picture icon, or html icon when it's truly an exe? What motard at MS thought hiding "the oh so complex" file extension was a good thing?
Seriously, this one has bugged me for years. Dumbing down computer interfaces beyond a certain point is just asking for trouble.
As a fringe benefit it will also filter out anyone who can't be bothered to spell most of their email correctly, which might be handy for those who receive crazy rants due to their online postings. :)
if everyone used proper spelling and grammer, computer comprehension (and filtering) would be able to improve.
QED. It may interest you to know how many ways there are to spell Viagra...
Ydco co
I don't understand why AOL doesn't simply apply anti-bot filters when this crap is discovered. No IM protocols in use today are peer-to-peer based, they are all server based (otherwise firewalls would have prevented IM from taking off amongst the Joe Sixpack crowd.)
These bots all have distinctive signatures, how hard could it possibly be to pinch them off at the server side? They could do other things, too, such as IM'ing the infected client from Admin to say "Busted, O virus-laden one. Please update your antivirus software and only then will we allow you back onto our servers."
Seems like an ounce of prevention to me ...
John
Well, just wait until the AI gets more advanced. Then it will first sit silently on your computer for a while and watch your chatting behaviour. And then it will try to imitate you.
The Tao of math: The numbers you can count are not the real numbers.
Not only that, but MacOS (even back to version 1) makes it really easy to disguise a executable as any other type of file. And from version 7.0 on, you can even paste any icon over any type of file.
But yes, nobody complains except when Microsoft does stuff like this. Goofy.
What's even goofier is that in OS X, as far as I can figure, "show file extension" is a file-specific flag, not a user-specific flag. Unless I'm missing something, it's impossible to get OS X to show file extensions on all files all the time.
Comment of the year
That's why I added some autotext entries on my Sidekick to convert "u" into "you", "ur" into "your", "u're" into "you're", "b4" into "before", "l8r" into "later", etc. Now I can thumb-type more quickly and not sound like a luser.
--
Jake
No, you misunderstood. It would at first sit there and watch you, and then, after it has learned enough about your behaviour, it contacts your buddies and tries to look like you to them.
For example, it could catch typical phrases you use, as well as about what topic you chat with whom. That way, it could manage to not only chat from your account, but at the same type look so "typically you" that your buddies would more likely accept them as you, and therefore download the virus file (the stated contents of which would also be adapted, so if you typically chat with one of your buddies about programming, then it may e.g. claim to have found a great new code analysis tool, while to the other buddy you are talking about movies with, it would be e.g. a trailer to a new movie).
The Tao of math: The numbers you can count are not the real numbers.
Of course, spammers will compensate by padding emails with 98% Shakespeare
Well, at least you would have an interesting read in you inbox everyday; maybe one could develop some sort of persistant distributed storage scheme involving spamI'm still trying to figure out what people mean by 'social skills' here.
Not that the slashdot crowd needs any convincing, but here is a hilarious case in point. http://www.costlowcorp.com/applications/monkeyLogo /gullible.php
Most non techie people have little of what a bot is. Nonsense answers rarely detour the ignorant and/or stupid. The replies are like Rorschach ink blots. The person will unconscious assume what they mean, while thinking all is otherwise normal.
I guess I should give compliments to AOL for getting their members acquainted with the idea of IM bots.
Ha! This reminds me soem advice a friend of mine gave to me: "If you want your pr0n folder to be untouched: compress it, delete the original, and change the archive's extension to *.dll. Nobody wants to mess with a 1 GB *.dll."