[ISN] Social Engineering Attacks via IRC and Instant Messaging

From: InfoSec News (isnat_private)
Date: Wed Mar 20 2002 - 01:15:49 PST

  • Next message: InfoSec News: "[ISN] Can Hackers Hack It?"

    Forwarded from: Justin Lundy <jblat_private>
    
    http://www.cert.org/incident_notes/IN-2002-03.html
    
    The CERT/CC has received reports of social engineering attacks on
    users of Internet Relay Chat (IRC) and Instant Messaging (IM)
    services. Intruders trick unsuspecting users into downloading and
    executing malicious software, which allows the intruders to use the
    systems as attack platforms for launching distributed
    denial-of-service (DDoS) attacks. The reports to the CERT/CC indicate
    that tens of thousands of systems have recently been compromised in
    this manner.
    
    Reports received by the CERT/CC indicate that intruders are using
    automated tools to post messages to unsuspecting users of IRC or IM
    services. These messages typically offer the opportunity to download
    software of some value to the user, including improved music
    downloads, anti-virus protection, or pornography. Once the user
    downloads and executes the software, though, their system is co-opted
    by the attacker for use as an agent in a distributed denial-of-service
    (DDoS) network. Other reports indicate that Trojan horse and backdoor
    programs are being propagated via similar techniques.
    
    -jbl
    
    -- 
    "Paper money eventually returns to its intrinsic value - zero." -Voltaire
    HTTP: www.subterrain.net/~jbl/ % GPG key: www.subterrain.net/~jbl/jbl.gpg
    %% GPG key fingerprint: 7F63 6DF4 B2F8 31F7 5219 8E0B 602F C8C8 D77E FFDF
    
    
    
    -
    ISN is currently hosted by Attrition.org
    
    To unsubscribe email majordomoat_private with 'unsubscribe isn' in the BODY
    of the mail.
    



    This archive was generated by hypermail 2b30 : Wed Mar 20 2002 - 04:33:25 PST