Pipeline 'Worm' Floods AIM With Botnet Drones

[Impotence]

Several reader write about a new AIM threat dubbed the "AIM Pipeline Worm" that uses a sophisticated network of "chained" executables to attack the end user. Security Focus has a brief note. One anonymous reader writes: "Using this method, there is no starting point for the attack — a malicious link via IM can send you to any given file, at which point the path of infection you take depends entirely on the file you start off with. The hackers can then decide which order to install malicious software, depending on their needs at the time. At a bare minimum, you will become a Botnet Zombie — if you're really lucky, you might be Trojaned, have a Rootkit installed on your PC, and be used for spam, file storage, and DOS attacks. Unlike similar attacks that have been attempted in the past, the removal of a file from the chain will not stop the attack — you will simply end up with something else installed instead, in the form of a randomly named executable dumped in your system32 folder. You'll still spam an infection link to all your contacts."

Source: Slashdot.org

[ot]
I find this sort of thing a bit to interesting, allways wondering "what if" (in this case, what if this has been bundled with an actual RCE exploit... it could have spread faster than wildfire!)
[/ot]

 

[Swansen]

So you can only get his stuff by clickin on links in AIM

 

[Matt555]

I've seen things like this before (basic click the link, get infected, it automatically sends to everyone online on your contact list etc - not as bad as this though) there would be messages like "OMG - You never told me you met Britney Spears" or something, then a link to a file which was named something like "your_e-mail_address_here_OMG_spears.jpg" or something. Once you clicked the link to the file *bam* you're infected. The infected person never knew the message was sent as it wouldn't open any IM windows to send it.