Monday, May 01, 2006

AOL IM bot cloaked in encryption

CNET News.com: "AOL Instant Messenger users who click on a malicious link could find themselves the victim of a newly discovered bot that uses encryption to increase the range of its targets and make eradication more difficult.
America Online on Monday said it is blocking malicious links tied to a recently discovered bot that uses encryption to increase the range of its targets and make eradication more difficult.
The bot software, which can only infect those who click on a malicious link sent via AIM, may infect upwards of a few tens of thousands of users, said Johannes Ullrich, chief research officer at the Sans Institute. San's Internet Storm Center released a report on the issue Sunday night.
'This is one of the few times we've seen a botnet encrypted,' Ullrich said. 'Encryption usually takes a lot of code space, but in this case it does not. It's a leaner bot.' "

No comments: