Posted: 19th Sep, 2006 By: MarkJ
Users of ISP AOL's Instant Messenger (IM) client have been warned about a new worm known as Win32.Pipeline, which is using the service to propagate onto poorly secured customer PC's:
FaceTime Security Labs said that the worm delivers an executable file disguised as a JPEG image. The file calls out to various host computers that download a variety of other files including rootkits and Trojans that may further propagate the worm through the user's AIM Buddy List.
Like many IM worms, Win32.Pipeline first appears as an instant message from a familiar contact, luring users into clicking on a link with a contextual phrase. Once the user's PC is infected, it becomes part of a botnet and is under complete control of the hacker to use for a variety of purposes.
These could include relaying spam, performing distributed denial-of-service attacks or committing financial fraud against online advertisers.
There's a detailed security update on it -
HERE. More @
VNUNet.