Slashdot Mirror
Santa IM Worm Hits AOL, MSN and Yahoo
elmtree95 writes "CNET News reports A Santa Claus worm is attempting to trick America Online, Microsoft MSN and Yahoo instant-messaging users into clicking on a file that delivers unwanted software to a victim's computer.
The IM.GiftCom.All worm attempts to dupe IM users into thinking an acquaintance has sent them a link to a harmless Santa Claus file. IM security vendor ELMTree Software has released a patch to their ChatPatrol (www.chatpatrol.com) product to address this issue."
Since the user has to click on a link, I assume the browser type matters?
So... can I get the source to this blatant ripoff of gaim?
Elmtree must be the stupidest company I've seen. They rip off gaim, and then write a post to slashdot: the place where the users are most likely to call them on their infringement!
"IM security vendor ELMTree Software has released a patch"
... and we all hope (in reverend silence) that they havent released the Santa Claus worm itself also
Please read this post regarding IM Logic: http://security-protocols.com/modules.php?name=New s&file=article&sid=3135
"If you have been looking for more details on the IM.GiftCom.All threat, you won't find them. Why, you ask? Two reasons, first, IM Logic didn't release any and second, you are most likely not an IM Logic customer.
IM Logic withholds details of Santa Claus worm, unless you're a customer IM Logic withholds details of Santa Claus worm, unless you're a customer On Dec. 19th IM Logic released an advisory about a worm spreading through all major IM clients. See advisory for details, or lack thereof. You will need to search for IM.GiftCom.All at http://www.imlogic.com/im_threat_center/index.asp If you have been looking for more details on the IM.GiftCom.All threat you won't find them. Why, you ask? Two reasons, first, IM Logic didn't release any and second, you are most likely not an IM Logic customer. IM Logic did not publicly release any actionable information that would help the community at large. Not because they don't have the details, but because they only share that with paying customers, according to Tim Johnson, the Director of IM Logic's threat center. Mr. Johnson also said that "this is not unethical" and he doesn't see what all the fuss is about. All you have to do is buy the company's product and you will be protected. Johnson did mention that they have a process they follow. They first create the signatures for their products, and then they notify all the affect vendors. Don't worry; the vendors will fix it ASAP. Then they tell the antivirus vendors about what they know. Hopefully they can detect and stop any current infections, if not...your screwed. Then you as a non-customer have the opportunity to wait for a signature to come out by your antivirus vendor so that you can tell if a hacker has a rootkit loaded in your environment. Oh wait, darn it, I almost forgot, according to the official advisory, antivirus vendors can't detect Santa Claus; apparently Santa can put your antivirus to sleep. I always thought Santa knew if you were sleeping, not able to put you to sleep; but I digress. So what is the world and security community supposed to do? Well according to IM Logic, pay them the money and they will take care of it for you. Hmm, I wonder where else we find this type of behavior. Hold on guys, Toni the Bull is at my back door, brb, need 2 make my "insurance payment" AFK.... Back, sorry it took so long. I just hurt my knee; I was short on my "insurance payment" this month. Anyway, haven't we been down this road before? Security companies should follow the same procedures that ethical and responsible researchers follow when disclosing vulnerabilities. Most companies are responsible, those that aren't... should we reward them by purchase order? Not this security guy. "
This is nothing more than an underhanded marketing attempt, piggybacking on a genuine virus alert. OOoo...the shadiness...
Howdy.