Re: IM trojan

[Matthew Gracie <graciem () CANISIUS EDU>]

Jesse Thompson wrote:
> It would be interesting to find out if organizations that maintain their
> own IM system (Jabber/XMPP or otherwise) are less susceptible to this
> type of threat.
>
> If an organization does not offer a local IM service, do employees use
> the "big" IM services to communicate, and does that make the
> organization more vulnerable?
>
> Conversely, if an organization has a local IM services, do a significant
> number of employees still sign in to the "big" IM services while they
> are at work anyway?
>
> Jesse

I can't remember the last time I saw a student using IM - unlimited
texting plans and Facebook chat seem to have killed it, at least around
here.

> On 07/21/2010 05:52 PM, Dick Jacobson wrote:
> > We got hit today with a trojan that is spreading through IM.  It
> > references a Facebook presence and contains an image. When the message
> > is clicked on, the trojan spreads to that user's IM list and infects the
> > machine.
> >
> > The symptoms are not always consistent but most have gotten a pop-up
> > when the open a web browser which asks them to click to confirm they are
> > a human and not a robot.
> >
> > McAfee and MalwareBytes do not clean this; and we are rebuilding at
> > least 2 machines because of this.
> >
> > Anyone else seeing this and/or have a fix ??
> >
> >
> > -----------------------------------------------------------------------
> > Dick Jacobson e-mail : Dick.Jacobson () ndus edu
> > NDUS IT Security Officer office : STTC 219
> > phone : 701-231-6280
> > -----------------------------------------------------------------------


-- 
Matt Gracie                         (716) 888-8378
Information Security Administrator  graciem () canisius edu
Canisius College ITS                Buffalo, NY
http://www2.canisius.edu/~graciem/graciem_public_key.gpg