Well, here it is! It looks like FaceTime Communications discovered yesterday a new worm spreading through AOL’s Instant Messenger.
This new worm hasn’t been named yet and it’s quite tricky. “A very nasty bundle is downloaded to your machine” when you click on the worm link, said Tyler Wells, senior director of engineering at FaceTime. “This is the first time that we have seen a rootkit as part of the bundle of applications that is sent to your machine. It is a disturbing trend.”
The number of attacks on IM networks is growing faster lately. This “attacker” brings a version of the Sdbot Trojan horse besides the rootkit file “lockx.exe”. Other spyware and adware applications are also installed, including 180Solutions, Zango, the Freepod Toolbar, MaxSearch, Media Gateway and SearchMiracle, as the company warned.
Recently Yahoo and Microsoft announced their plans to link both of their IM networks. A great news for normal users but also a great opportunity for “bad” users to spread more malicious programs.
The company spotted the worm after it infected their bait PC connected to the AOL IM chat room. “It is still out there, and it is definitely something the user should be leery of,” Wells said. “The rootkit is designed to not be detected, and that is the scary part.”
In the end here’s the warning: Be careful out there!