Instant Messaging Vulnerable To New Smiley Attacks

← Back to Stories (view on slashdot.org)

Instant Messaging Vulnerable To New Smiley Attacks

Posted by timothy on Wednesday April 1, 2009 @08:11AM from the clever-really dept.

titus writes "Security researchers Yoann Guillot and Julien Tinnes have found a way to encode malicious code into smileys and provided a proof of concept encoder to automate the process. The researchers said their discovery paves the way for IM malware that would be impossible to detect since the malicious code would be 'indistinguishable from genuine chat messages.' I've tested the proof of concept code which works very well. Time to panic?"

10 of 170 comments (clear)

Min score:

Reason:

Sort:

Take that! :-) by betterunixthanunix · 2009-04-01 08:13 · Score: 5, Funny

And that! :-) (-:

--
Palm trees and 8
Re:Virus Smiles!?! by Leafheart · 2009-04-01 08:14 · Score: 5, Funny

I thought that was the reason for all the "Download best smiles EVER for MSN" links I saw around.

--
--- "When you gotta do something wrong. You gotta do it right. (Fighter)"
Virus Variant by JerryLove · 2009-04-01 08:20 · Score: 5, Funny

As I understand it, there is already a variant out undetectable to anti-smiley software as it embeds itself in a frowny-face.
I wonder if it's transmittable on a discussion board as well? :(
Re:Take that! :-) by Jason+Levine · 2009-04-01 08:27 · Score: 5, Funny

Ack! Now I'm :-) infected. How could :-) you go posting :-) such a virulent :-) virus where :-) everyone could see i:-)t? I thin:-)k th:-)e inf:-)ect:-)ion's g:-)et:-)tin:-)g wo:-)rs:-)e n:-)o:-)w. I:-)'m of:-)f t:-)o pa:-)t:-)ch:-) m:-)y s:-)ys:-)te:-)m. :-):-):-):-):-)

--
My sci-fi novel, Ghost Thief, is now available from Amazon.com.
:(){ :|:& };: anyone? by TinBromide · 2009-04-01 08:29 · Score: 5, Informative

:(){ :|:& };:

There, punch that into your terminal and see the poweer of the smiley.

--
Is it sad that I am more likely to recognize you and your posts by your sig than your name or UID?
The problem with /. April fool's... by PinkyDead · 2009-04-01 08:32 · Score: 5, Insightful

...is that some of the real stories are less plausible.

--
Genesis 1:32 And God typed :wq!
Re:Stop. Really, just stop by MobileTatsu-NJG · 2009-04-01 08:59 · Score: 5, Insightful

Flamebait??? He's spot on. Mod him "goddamn right!"
Slashdot is operational 364 days a year. One day of silliness and it's BITCHBITCHBITCHBITCHBITCH. Your problem's between the chair and the keyboard.

--

"I like to lick butts!" by MobileTatsu-NJG (#32700246) (Score:5, Informative)
Re:Virus Smiles!?! by sunami88 · 2009-04-01 09:00 · Score: 5, Funny

Dad: Who hacked us!?

Granny: idk my bff jill?

I'll go kill myself now.

--
Sex. Drugs, and Unix.
Re:Awesome by GMFTatsujin · 2009-04-01 09:12 · Score: 5, Funny

^_^
Re:Stop. Really, just stop by blackfrancis75 · 2009-04-01 09:44 · Score: 5, Informative

Slashdot is operational 364 days a year.
actually 364.24222 days a year .. and you call yourself a nerd?