Forwarded from: Justin Lundy <jblat_private> http://www.cert.org/incident_notes/IN-2002-03.html The CERT/CC has received reports of social engineering attacks on users of Internet Relay Chat (IRC) and Instant Messaging (IM) services. Intruders trick unsuspecting users into downloading and executing malicious software, which allows the intruders to use the systems as attack platforms for launching distributed denial-of-service (DDoS) attacks. The reports to the CERT/CC indicate that tens of thousands of systems have recently been compromised in this manner. Reports received by the CERT/CC indicate that intruders are using automated tools to post messages to unsuspecting users of IRC or IM services. These messages typically offer the opportunity to download software of some value to the user, including improved music downloads, anti-virus protection, or pornography. Once the user downloads and executes the software, though, their system is co-opted by the attacker for use as an agent in a distributed denial-of-service (DDoS) network. Other reports indicate that Trojan horse and backdoor programs are being propagated via similar techniques. -jbl -- "Paper money eventually returns to its intrinsic value - zero." -Voltaire HTTP: www.subterrain.net/~jbl/ % GPG key: www.subterrain.net/~jbl/jbl.gpg %% GPG key fingerprint: 7F63 6DF4 B2F8 31F7 5219 8E0B 602F C8C8 D77E FFDF - ISN is currently hosted by Attrition.org To unsubscribe email majordomoat_private with 'unsubscribe isn' in the BODY of the mail.
This archive was generated by hypermail 2b30 : Wed Mar 20 2002 - 04:33:25 PST