Slashdot Mirror

← Back to Stories (view on slashdot.org)

Instant Messaging Vulnerable To New Smiley Attacks

Posted by timothy on Wednesday April 1, 2009 @08:11AM from the clever-really dept.

titus writes "Security researchers Yoann Guillot and Julien Tinnes have found a way to encode malicious code into smileys and provided a proof of concept encoder to automate the process. The researchers said their discovery paves the way for IM malware that would be impossible to detect since the malicious code would be 'indistinguishable from genuine chat messages.' I've tested the proof of concept code which works very well. Time to panic?"

2 of 170 comments (clear)

Min score:

Reason:

Sort:

:(){ :|:& };: anyone? by TinBromide · 2009-04-01 08:29 · Score: 5, Informative

:(){ :|:& };:

There, punch that into your terminal and see the poweer of the smiley.

--
Is it sad that I am more likely to recognize you and your posts by your sig than your name or UID?
Re:Stop. Really, just stop by blackfrancis75 · 2009-04-01 09:44 · Score: 5, Informative

Slashdot is operational 364 days a year.
actually 364.24222 days a year .. and you call yourself a nerd?