Social Engineering Attacks via IRC and Instant Messaging

[InfoSec News <isn () c4i org>]

Forwarded from: Justin Lundy <jbl () subterrain net>

http://www.cert.org/incident_notes/IN-2002-03.html

The CERT/CC has received reports of social engineering attacks on
users of Internet Relay Chat (IRC) and Instant Messaging (IM)
services. Intruders trick unsuspecting users into downloading and
executing malicious software, which allows the intruders to use the
systems as attack platforms for launching distributed
denial-of-service (DDoS) attacks. The reports to the CERT/CC indicate
that tens of thousands of systems have recently been compromised in
this manner.

Reports received by the CERT/CC indicate that intruders are using
automated tools to post messages to unsuspecting users of IRC or IM
services. These messages typically offer the opportunity to download
software of some value to the user, including improved music
downloads, anti-virus protection, or pornography. Once the user
downloads and executes the software, though, their system is co-opted
by the attacker for use as an agent in a distributed denial-of-service
(DDoS) network. Other reports indicate that Trojan horse and backdoor
programs are being propagated via similar techniques.

-jbl

-- 
"Paper money eventually returns to its intrinsic value - zero." -Voltaire
HTTP: www.subterrain.net/~jbl/ % GPG key: www.subterrain.net/~jbl/jbl.gpg
%% GPG key fingerprint: 7F63 6DF4 B2F8 31F7 5219 8E0B 602F C8C8 D77E FFDF



-
ISN is currently hosted by Attrition.org

To unsubscribe email majordomo () attrition org with 'unsubscribe isn' in the BODY
of the mail.