Re: IM trojan

[Jesse Thompson <jesse.thompson () DOIT WISC EDU>]

It would be interesting to find out if organizations that maintain their 
own IM system (Jabber/XMPP or otherwise) are less susceptible to this 
type of threat.

If an organization does not offer a local IM service, do employees use 
the "big" IM services to communicate, and does that make the 
organization more vulnerable?

Conversely, if an organization has a local IM services, do a significant 
number of employees still sign in to the "big" IM services while they 
are at work anyway?

Jesse

On 07/21/2010 05:52 PM, Dick Jacobson wrote:
> We got hit today with a trojan that is spreading through IM.  It
> references a Facebook presence and contains an image. When the message
> is clicked on, the trojan spreads to that user's IM list and infects the
> machine.
>
> The symptoms are not always consistent but most have gotten a pop-up
> when the open a web browser which asks them to click to confirm they are
> a human and not a robot.
>
> McAfee and MalwareBytes do not clean this; and we are rebuilding at
> least 2 machines because of this.
>
> Anyone else seeing this and/or have a fix ??
>
>
> -----------------------------------------------------------------------
> Dick Jacobson e-mail : Dick.Jacobson () ndus edu
> NDUS IT Security Officer office : STTC 219
> phone : 701-231-6280
> -----------------------------------------------------------------------

Attachment: smime.p7s
Description: S/MIME Cryptographic Signature