AOL Instant Messenger Attacked
AOL Instant Messaging service has been attacked: “Bots infect computers and allow hackers access to infected computers.”
DiamondBack, the University of Maryland’s student newspaper, has reported that a student using AOL Instant Messenger got a message with a link reading “LOL, ha, check this out”.
He was chatting with his friend and thought that it was from his buddy and clicked on it. His computer was infected with virus and now the whole university campus is infected.
Gerry Sneeringer, information technology security officer of the university has reported, “The office has gotten 120 reports recently of a bot infecting residence hall computers on the campus network through AIM. Bots infect computers and allow hackers access to infected computers.
The current infection is from a family of bots known as SDbot and is sent through AIM. Messages are accompanied by a link that seems to be a picture”.
Coe, a senior English major, said that the messages and link seem innocent because they are sent from a screen name on the victim’s buddy list. The bot then causes the victim’s AIM to send the worm to people on his or her buddy list. According to Coe, several of his friends received the link from his screen name, prompting them to inquire about the link or request he take them off his buddy list.
According to Sneeringer, “Once infected, the best option is to reinstall Windows. Bots disable or tweak anti-devices first, rendering the user helpless.
System restore, which returns a computer’s settings to a previous date, is an option worth trying before reinstalling. Even if students go into Safe Mode and delete the bot, enough damage has been done to warrant reinstalling Windows”.
According to Sneeringer the steps taken by the university include:
Officials will advise students not to click on suspicious links “until we’re blue in the face”.
OIT will suggest that students update the settings on their security software. The university offers free anti-virus software from McAfee at its Help Desk.
OIT has sent McAfee its information on the bot, so the company should update its settings to catch the bot in the near future.
Comments are closed.
