Sign In
Create Account
0
Quote
Opanki.worm diguises itself as iTunes for Windows
Posted Jul 20, 2005, 7:00 PM ET by Laurie A. Duncan
There's a worm on the loose that poses as iTunes that your Mac-challenged friends should be on the look out for. "The Opanki.worm," reports CIO Today "poses as a file named iTunes.exe and is designed to lure users into believing it’s part of the iTunes Music Store. When activated, the worm sends a message to the infected user’s online contacts, reading 'this picture never gets old.' The message has a link to a Web page where recipients are instructed to download an image file. The worm begins downloading spyware as soon as it is activated."
The worm opens a random TCP port on the infected machine and then connects to an IRC chat server. "Once connected, it joins the IRC channel #fate, where it listens for commands from a remote malicious user," Trend Micro notes in their advisory. "It then executes these commands locally on affected machines."
The file is currently being distributed over the AOL Instant Messenger network and only affects Windows users, natch... So far it looks like the impact of this will be minor, but only time will tell.
Is it wrong that I have stopped feeling sorry for those who get bitten by things like this over and over again?
Posted Jul 20, 2005, 7:00 PM ET by Laurie A. Duncan
There's a worm on the loose that poses as iTunes that your Mac-challenged friends should be on the look out for. "The Opanki.worm," reports CIO Today "poses as a file named iTunes.exe and is designed to lure users into believing it’s part of the iTunes Music Store. When activated, the worm sends a message to the infected user’s online contacts, reading 'this picture never gets old.' The message has a link to a Web page where recipients are instructed to download an image file. The worm begins downloading spyware as soon as it is activated."
The worm opens a random TCP port on the infected machine and then connects to an IRC chat server. "Once connected, it joins the IRC channel #fate, where it listens for commands from a remote malicious user," Trend Micro notes in their advisory. "It then executes these commands locally on affected machines."
The file is currently being distributed over the AOL Instant Messenger network and only affects Windows users, natch... So far it looks like the impact of this will be minor, but only time will tell.
Is it wrong that I have stopped feeling sorry for those who get bitten by things like this over and over again?
Source: http://www.tuaw.com/...es-for-windows/
Back to top
