Educause Security Discussion mailing list archives
Re: IM trojan
From: Jesse Thompson <jesse.thompson () DOIT WISC EDU>
Date: Thu, 22 Jul 2010 09:39:45 -0500
It would be interesting to find out if organizations that maintain their own IM system (Jabber/XMPP or otherwise) are less susceptible to this type of threat.
If an organization does not offer a local IM service, do employees use the "big" IM services to communicate, and does that make the organization more vulnerable?
Conversely, if an organization has a local IM services, do a significant number of employees still sign in to the "big" IM services while they are at work anyway?
Jesse On 07/21/2010 05:52 PM, Dick Jacobson wrote:
We got hit today with a trojan that is spreading through IM. It references a Facebook presence and contains an image. When the message is clicked on, the trojan spreads to that user's IM list and infects the machine. The symptoms are not always consistent but most have gotten a pop-up when the open a web browser which asks them to click to confirm they are a human and not a robot. McAfee and MalwareBytes do not clean this; and we are rebuilding at least 2 machines because of this. Anyone else seeing this and/or have a fix ?? ----------------------------------------------------------------------- Dick Jacobson e-mail : Dick.Jacobson () ndus edu NDUS IT Security Officer office : STTC 219 phone : 701-231-6280 -----------------------------------------------------------------------
Attachment:
smime.p7s
Description: S/MIME Cryptographic Signature
Current thread:
- IM trojan Dick Jacobson (Jul 21)
- Re: IM trojan RL Vaughn (Jul 21)
- Re: IM trojan Brewer, Alex D (Jul 22)
- Re: IM trojan Brian Grime (Jul 22)
- Re: IM trojan Brewer, Alex D (Jul 22)
- Re: IM trojan WILLIAM I ARNOLD (Jul 22)
- Re: IM Trojan Brewer, Alex D (Jul 22)
- Re: IM trojan Jesse Thompson (Jul 22)
- Re: IM trojan Matthew Gracie (Jul 22)
- Re: IM trojan Jesse Thompson (Jul 22)
- Re: IM trojan Matthew Gracie (Jul 22)
- Re: IM trojan RL Vaughn (Jul 21)