Libraries are concerned with the security of their computers. This is a good thing. Every time I talk to librarians about IM in their libraries, they ask about the security risks involved. Because of this I’m always on the lookout for news related to malware being spread via IM clients.
A Trojan continued to spread Monday among America Online instant messaging clients, and installs its backdoor on the infected PC when trusting users click on a link within the line “Check out this” or “i thought youd wanna see this” from a buddy on their AIM contact list.
Dubbed “Oscarbot” by McAfee and “Doyorg” by Symantec, the Trojan doesn’t spread automatically when users download and run the file linked in the instant message. Instead, it opens a port and listens for instructions on IRC (Internet Relay Channel); the attacker must specifically order each infected machine to start spreading.
It propagates by sending the same message to every buddy in the system’s AOL Instant Messenger client’s address book.
The rest of the article details that the purpose of this is for the creation of zombie networks, and that the usual antivirus software should catch this thing.
Has anyone or anyone you know been infected with this?