Educause Security Discussion mailing list archives

Previous By Date Next
Previous By Thread Next

AOL IM and BuddyLinks issue

From: Manuel Amaral <Manuel.Amaral () OLIN EDU>
Date: Wed, 11 Feb 2004 17:30:12 -0500
FYI:

        We just discovered today that our community was inundated with
AIM propagated messages with a link to wugtv.com.  The source looked
legitimate as it came from someone within the user's buddy list and
directed them to a site with an Osama Bin Laden computer game.  The
link, once clicked, takes you to a page which automatically launches the
install process for this "game", although it does ask if you wish to
install it.  Unfortunately, the process installs several other items,
which I'm sure most people don't care to have on their systems.

        Even after uninstalling the application, there are residual
executables we discovered in a psd tools folder on the affected systems.
We're still checking to see if there is anything else we've missed.
I've included a link to a slashdot article that came out today about
this very problem with a snippet from their license agreement.  We had
blocked access to AIM until we understood what was going on and have
since blocked access to the site sent via AIM and turned AIM access back
on.  It appears that SpyBot S&D, with the latest updates, detects this
and helps you remove it.

Manny Amaral
Associate Director of Information Technology
Franklin W. Olin College of Engineering.

http://yro.slashdot.org/article.pl?sid=04/02/11/1614257

Here's a snippet from the license agreement with emphasis:
Services; Modifications to Your Instant Messaging Client. The Software
provides you the opportunity to access Content for no charge. In return
for the right to access this Content, you acknowledge and agree that the
Software contains additional software products provided to PSD Tools by
its suppliers which will periodically deliver additional Content such
as, but not limited to, advertisements and promotional messages to your
Computer and programs that may alter your home page to offer you
Content. In addition, the Software will interoperate with your current
instant messaging client so as to permit the automatic sending of
advertising messages originating from your Computer to your contact or
"buddy" list regarding Content offered by PSD Tools or its suppliers. If
you desire to stop this activity, you may elect to stop the messages by
navigating to the "buddylinks.net" entry in your "Start Menu", selecting
the "buddylinks.net Configuration" item, and unchecking the appropriate
option. You may also refer to PSD Tools' website at
http://www.psdtools.com for an uninstaller.
(http://www.buddylinks.net/terms.html)



**********
Participation and subscription information for this EDUCAUSE Discussion Group discussion list can be found at 
http://www.educause.edu/cg/.
Previous By Date Next
Previous By Thread Next

Current thread: