Slashdot Mirror

← Back to Stories (view on slashdot.org)

Santa IM Worm Hits AOL, MSN and Yahoo

Posted by samzenpus on from the bad-santa dept.

elmtree95 writes "CNET News reports A Santa Claus worm is attempting to trick America Online, Microsoft MSN and Yahoo instant-messaging users into clicking on a file that delivers unwanted software to a victim's computer. The IM.GiftCom.All worm attempts to dupe IM users into thinking an acquaintance has sent them a link to a harmless Santa Claus file. IM security vendor ELMTree Software has released a patch to their ChatPatrol (www.chatpatrol.com) product to address this issue."

7 of 149 comments (clear)

  1. Re:How does it work? by setirw · · Score: 3, Informative

    Not necessarily. It could be linked to an EXE or PIF, which a naïve user would open. If the target ignores all browsers' warnings about harmful EXEs, in combination with Windows's hiding of file extensions... (somefile).jpg .exe is something I've seen many times. By the way: Does IE prompt that PIF/BAT files are potentially dangerous when downloading? How about VB scripts?

    --
    This message printed on 100% post-consumer recycled electrons.
  2. Re:User's fault again by mattmacf · · Score: 2, Informative
    taking the warnings off doesnt help when a worm installed across several thousand idiots starts DOSsing a site im trying to get to. licking a 110v wire shouldnt knock my power out.

    regardless, it looks like just another silly aim worm (albeit with a festive holiday flair).

    --
    I only mod funny =D
  3. Re:How does it work? by thesnarky1 · · Score: 2, Informative

    If you remember the other big IM worm a few weeks (months?) ago, browser didn't matter. Just user stupidity. So, as I said then, tell your friends and family to NOT CLICK LINKS! Unless of course, whomever im'ed them can repeat a phrase, such as "I AM a bot, you stupid fool!!!" Security at its finest.

    --
    Want to find other gamers to play board and role playing game
  4. Re:ChatPatrol by Anonymous Coward · · Score: 4, Informative

    It's not even a ripoff of Gaim, it's just a lousy non-free, non-Free, Windows-only plugin for the commercial IM clients, being hawked using an account which is employed for that purpose only. elmtree95's one and only /. post.

    Does it install a clue for users silly enough to download and run executables being pushed by anonymous strangers?

    "IM security vendor." How pathetic.

    Editors, please don't put spam stories like this on the site. That's all it is.

  5. Re:How much does a story like this cost? by detlev409 · · Score: 4, Informative
    Agreed. I call shenanigans. Check out Elmtree's profile. This account was created with the express purpose of promoting the ChatPatrol product.

    This is nothing more than an underhanded marketing attempt, piggybacking on a genuine virus alert. OOoo...the shadiness...

    --
    Howdy.
  6. Re:WTF? by MntlChaos · · Score: 2, Informative

    except they're not random people. You'd think they were your friends.

  7. Re:How does it work? by Anonymous Coward · · Score: 3, Informative

    It's a '.com' (like command.com) file being distributed. User clicks accept to start the file transfer. On completion, the IM client turns the filename into a clickable link which, if clicked, starts the malicious component.