Information Security News mailing list archives

Previous By Date Next
Previous By Thread Next

AIM Today Gets Hacked

From: InfoSec News <isn () c4i org>
Date: Tue, 30 Apr 2002 04:01:13 -0500 (CDT)
http://www.internetnews.com/dev-news/article/0,,10_1024491,00.html

By Bob Woods    
April 29, 2002 
 
Users of America Online's instant-messaging program and system were
unwittingly connected to profanity and pornography last Saturday,
according to an anti-AOL Web site.

AOL Watch said that malicious hackers -- more accurately known as
"crackers" -- inserted profane graffiti, X-rated photos and sound
files throughout the "Entertainment" section in AIM Today. The AIM
Today feature of AOL's Instant Messenger (AIM) generally pops up when
a user first starts the AIM program, unless the user has disabled that
feature.

Four separate categories within the Entertainment section were taken
over by the malicious hackers, who then went on to post messages in
those areas. If an unsuspecting user went to two of those lists,
profanity-laced audio messages would automatically play on his or her
system. One page even played a song from the rock group Prodigy.

The hack incident itself lasted for more than eight hours before it
was removed from AIM Today, according to AOL Watch.

AOL officials were not immediately available for comment on the
incident.

While the hack did not appear to affect people who use AIM for instant
messaging-based conversations, the incident itself once again brings
up the issue of security on the public IM networks. Just last week, an
unintended feature surrounding the installation of AIM came to light
-- the installation process of AIM on a PC covertly forces Microsoft
Internet Explorer (IE) browsers to accept "Welcome to America Online"  
at free.aol.com as a "Trusted site." Automatically designating the
free.aol.com site as a Trusted site allows AOL to install cookies and
even run code on a user's PC without their knowledge.

And last January, AOL patched a security flaw in the 4.7 and 4.8
versions of AIM that potentially could have allowed destructive
Internet worms to infect AIM's 100 million+ users. Because the patch
is a server-side fix, AIM users do not have to download it.



-
ISN is currently hosted by Attrition.org

To unsubscribe email majordomo () attrition org with 'unsubscribe isn'
in the BODY of the mail.
Previous By Date Next
Previous By Thread Next

Current thread: