| ...but I think this could potentially affect everyone of us. AIM Worm Can this affect Trillian/GAIM/Other IM Service ?
Yes, if you execute the link someone else with the worm sends you, it can still dick up your computer, although it may not send out worm links to others if you aren't using AIM. It opens a web browser, and depending upon your OS and browser it may automatically execute the ".com" (the batch file). Moral the story is mouseover every link everyone sends you to ensure it's not bullshit. SP2 on windows xp should ask you if you want to execute the file, there could be other layers of stupidity mitigation I'm not remembering, but yeah, this is an issue for everyone. How do I know if the link is safe? ...there are a few key hints. The URL will be totally unfamiliar, and will end in a .com, a .bat (not like google.com, I mean like a filename with a .com extension, like [ www.google.com/file.com ]) or something similar. You can see the URL by mousing over the link. The URL will not be a link address, it will be something like "Look at my pictures!" and you can only see the URL when you mouse over. Also, it will be something generic - "Look at my pictures" "Check this out" "Haha! This made me laugh!" What if I get infected?
Update your antivirus and hope it's good enough to eliminate the rootkit. These kinds of programs are made to *not* be detected, so you could potentially have a real problem that can only be solved by a professional. Moral of the story, use your brain and don't click until you're sure what the resulting URL will contain. I've Got a Mac, will this affect me? Probably not, then again you're on a Mac, so you've got other problems =P. I use Firefox, so I'm safe, right? A secure browser is no excuse to stop using your brain. No, you aren't safe. I'm on Linux, what about me? See the Mac comment. Okay, so I just need to worry about .coms and .bats? Any executable file extension can potentially execute malicious code on your machine: Partial list of file types that should be considered suspicious when received in email/instant-messenger and should not be opened unless you requested or expected the attachment: ADE - Microsoft Access Project Extension
ADP - Microsoft Access Project
BAS - Visual Basic Class Module
BAT - Batch File
CHM - Compiled HTML Help File
CMD - Windows NT Command Script
COM - MS-DOS Application
CPL - Control Panel Extension
CRT - Security Certificate
DLL - Dynamic Link Library
DO* - Word Documents and Templates
EXE - Application
HLP - Windows Help File
HTA - HTML Applications
INF - Setup Information File
INS - Internet Communication Settings
ISP - Internet Communication Settings
JS - JScript File
JSE - JScript Encoded Script File
LNK - Shortcut
MDB - Microsoft Access Application
MDE - Microsoft Access MDE Database
MSC - Microsoft Common Console Document
MSI - Windows Installer Package
MSP - Windows Installer Patch
MST - Visual Test Source File
OCX - ActiveX Objects
PCD - Photo CD Image
PIF - Shortcut to MS-DOS Program
POT - PowerPoint Templates
PPT - PowerPoint Files
REG - Registration Entries
SCR - Screen Saver
SCT - Windows Script Component
SHB - Document Shortcut File
SHS - Shell Scrap Object
SYS - System Config/Driver
URL - Internet Shortcut (Uniform Resource Locator)
VB - VBScript File
VBE - VBScript Encoded Script File
VBS - VBScript Script File
WSC - Windows Script Component
WSF - Windows Script File
WSH - Windows Scripting Host Settings File
XL* - Excel Files and Templates Good luck my pretties.
mkay?
Kenny...
PETZ Member #5
 SteamyZ. Never had did me wrong. - SL103 07/06/04 11:58:15 |
