Well here’s a nasty little twist on malware today. There is currently an AOL bot that is working itself across the interweb. AOL Instant Mesenger users may face an IM with a link that appears to be benign. Be warned, this will infect your systems with an encrypted bot that is quite difficult to remove.
The bot software, which can only infect those who click on a malicious link sent via AIM, may infect upwards of a few tens of thousands of users, said Johannes Ullrich, chief research officer at the Sans Institute. San’s Internet Storm Center released a report on the issue Sunday night.
“This is one of the few times we’ve seen a botnet encrypted,” Ullrich said. “Encryption usually takes a lot of code space, but in this case it does not. It’s a leaner bot.”
This was something that was only a matter of time before it came along. Researchers are speculating that the bots are using peer to peer technology to communicate rather than being centrally managed. It’ll be interesting to see the followup to this one.
[tags]AOL, Bot, Trojan, Encryption[/tags]
