|
1. Been infected with spyware? Tell us about your problem. 2. Protect your PC from viruses, spyware. 3. For fast automatic spyware removal, try CounterSpy, SUPERAntiSpyware |
Trick or treat: AIM worm delivers backdoor, rootkit and adware
Imagine you’re chatting with friends in an AOL IM chat room one minute, you click on a seemingly innocent link, and the next minute your computer is taken over by a worm delivering an extraordinarily nasty payload. That’s precisely what happened just a few days ago. CNET news has a good breakdown on this ugly trick, originally discovered and reported by Facetime. If that wasn’t bad enough, the worm also leaves the victim with adware including 180Solutions, Zango, the Freepod Toolbar, MaxSearch, Media Gateway and SearchMiracle.
Paperghost has an interesting theory about the inclusion of adware. Victims might be so focused on removing the adware, they could easily overlook the rootkit, a scary thought. He calls it “the art of stealth, using a 16-wheel juggernaut”. Paperghost also notes that this is the first time 180solutions’ Zango has been found in a stealth installation and asks “how could this happen?” Indeed, especially since 180solutions has been touting their efforts to clean up their distribution channels. Perhaps there will be an explanation on 180’s new blog. Wayne Porter, Facetime’s senior greynet director, blogged about the story and included links to additional coverage.
November 19, 2005 on 8:03 am | In Worms | |Submit to: Digg | SlashDot | Del.icio.us
No Comments yet »
RSS feed for comments on this post. TrackBack URI
Leave a comment
Previous Posts:
- How to remove new rogue antispywares Malware Bell and IE Antivirus
- How to remove softwarereferral/safewebnavigate hijackers and etlrlws toolbar
- How to uninstall combofix
- Found new rogue antispyware programs
- How to remove braviax.exe/cru629.dat/users32.dat malware
- VirusHeat rogue antispyware - How To Remove
- Fresh updates to Ad-Aware and SpyBot-search & Destroy
- How to remove core.cache.dsk and parportt.sys
- How to remove CID popups
- How To Remove cyberstoll.com, search-daily.com hijacker and WebHancer spyware
- How to remove Video Add-on and antispyware/security toolbar 7.1
- Trojan Vundo/Virtumonde turns a good file into a Trojan-Dropper
- How to make Internet Explorer more secure
- New updates to Ad-Aware and SpyBot-search & Destroy
- How to remove webcry.com hijacker
- Found first Christmas malware
- Found some new fake codecs
- Cannot View Hidden Files And Folders. How to fix
- Hijacker will not let me download anti spyware program - how to fix
- How to fix shell.exe, spoolvs.exe problem
Categories:
- Pop-Up Blockers and Firewalls (rss) (5)
- Adware (rss) (10)
- Anti Virus Software (rss) (11)
- Best Programs (rss) (3)
- Browser Hijacking (rss) (13)
- Critical patch (rss) (21)
- Exploits & Vulnerabilities (rss) (58)
- FAQ (rss) (8)
- Free Software (rss) (63)
- Identity Theft (rss) (8)
- Internet Browsers and Mail and News readers (rss) (12)
- Linux (rss) (4)
- Malware (rss) (11)
- Online Scanners (rss) (11)
- Phishing (rss) (2)
- Rogue Anti Spyware (rss) (34)
- Rookit (rss) (3)
- spyware (rss) (2)
- Spyware protection and removal (rss) (74)
- Tips (rss) (78)
- Trojan (rss) (35)
- Tutorials - "How to" (rss) (65)
- Updates (rss) (16)
- Virus (rss) (19)
- Worms (rss) (14)
Archives:
- May 2008 (1)
- April 2008 (1)
- March 2008 (4)
- February 2008 (3)
- January 2008 (2)
- December 2007 (7)
- November 2007 (27)
- October 2007 (4)
- July 2007 (2)
- June 2007 (3)
- April 2007 (1)
- March 2007 (6)
- February 2007 (6)
- December 2006 (1)
- November 2006 (2)
- October 2006 (7)
- September 2006 (2)
- August 2006 (10)
- July 2006 (7)
- June 2006 (22)
- May 2006 (18)
- April 2006 (12)
- March 2006 (24)
- February 2006 (33)
- January 2006 (52)
- December 2005 (50)
- November 2005 (66)
Blogroll
- Sans Org - Internet Storm Center
- Spyware RU
- Sun Belt Blog
Help Us:
- MyAntiSpyware needs your support. Please make link from your site to us.
Use the button:
MY ANTI SPYWARE Powered by WordPress with Pool theme design by Borja Fernandez.
Entries and comments feeds.
Valid XHTML and CSS. ^Top^