[ISN] AIM Today Gets Hacked

From: InfoSec News (isnat_private)
Date: Tue Apr 30 2002 - 02:01:13 PDT

  • Next message: InfoSec News: "[ISN] Movement afoot to beef up industrial cybersecurity"

    http://www.internetnews.com/dev-news/article/0,,10_1024491,00.html
    
    By Bob Woods    
    April 29, 2002 
     
    Users of America Online's instant-messaging program and system were
    unwittingly connected to profanity and pornography last Saturday,
    according to an anti-AOL Web site.
    
    AOL Watch said that malicious hackers -- more accurately known as
    "crackers" -- inserted profane graffiti, X-rated photos and sound
    files throughout the "Entertainment" section in AIM Today. The AIM
    Today feature of AOL's Instant Messenger (AIM) generally pops up when
    a user first starts the AIM program, unless the user has disabled that
    feature.
    
    Four separate categories within the Entertainment section were taken
    over by the malicious hackers, who then went on to post messages in
    those areas. If an unsuspecting user went to two of those lists,
    profanity-laced audio messages would automatically play on his or her
    system. One page even played a song from the rock group Prodigy.
    
    The hack incident itself lasted for more than eight hours before it
    was removed from AIM Today, according to AOL Watch.
    
    AOL officials were not immediately available for comment on the
    incident.
    
    While the hack did not appear to affect people who use AIM for instant
    messaging-based conversations, the incident itself once again brings
    up the issue of security on the public IM networks. Just last week, an
    unintended feature surrounding the installation of AIM came to light
    -- the installation process of AIM on a PC covertly forces Microsoft
    Internet Explorer (IE) browsers to accept "Welcome to America Online"  
    at free.aol.com as a "Trusted site." Automatically designating the
    free.aol.com site as a Trusted site allows AOL to install cookies and
    even run code on a user's PC without their knowledge.
    
    And last January, AOL patched a security flaw in the 4.7 and 4.8
    versions of AIM that potentially could have allowed destructive
    Internet worms to infect AIM's 100 million+ users. Because the patch
    is a server-side fix, AIM users do not have to download it.
    
    
    
    -
    ISN is currently hosted by Attrition.org
    
    To unsubscribe email majordomoat_private with 'unsubscribe isn'
    in the BODY of the mail.
    



    This archive was generated by hypermail 2b30 : Tue Apr 30 2002 - 12:33:46 PDT