This is one of the most out-there spyware stories I’ve seen in a long time.
According to spyware-busting samurai Paperghost at VitalSecurity, a megabundle of crap is being propagated through an AOL Instant Messenger worm, and it includes such choice tidbits as:
- 180Solutions Zango
- A custom version of BitTorrent that pushes Mr. Bean, the Movie.
- A rootkit to hide its nefarious actions.
- And last, but certainly not least, a copy (apparently legit) of Mark Russinovich’s Rootkit Revealer (the tool which Mark, a Windows superguru programmer, used to bust the Sony rootkit). Massive dose of irony here.
The worm lures victims through the following AOL Instant Messenger with the following messages:
“great picture 🙂 http://www.picteurestrail.net/Mastermon/XXXXXX.JPG”, or
“not a right time to take a picture haa 🙂 http://www.picteurestrail.net/Mastermon/XXXXXX.JPG”
“not a right time to take a picture haa 🙂 http://www.pictrail.net/Matelord/XXXXXX.JPG”
“not a right time to take a picture haa 🙂 http://www.picstrailx.net/Mateslord/XXXXXX.JPG”
Paperghost’s writeup here. Advisory from his employer, FaceTime, here.
Alex Eckelberry