[ISN] JPEG flaw gets instant messaging worm

InfoSec News isn at c4i.org
Thu Sep 30 06:25:23 EDT 2004


By Nick Farrell
30 September 2004

VIRUS WRITERS have released an Internet worm that propagates using
instant messages and exploits the JPG flaw in Microsoft. Researchers
at The SANS Institute's Internet Storm Center (ISC) have had two
reports of a worm being installed using AOL messenger.

The victims complained that they received messages on America Online's
AOL Instant Messenger service that lured them to Web sites containing
a JPEG that contained the malicious code.

The messages told the users to "Check out my profile, click GET INFO!"  
But when they visited the site, the malicious code would attempt to
install backdoor software.

Additionally, messages containing a link to the site would be sent out
to all contacts on the victim's instant messenger contacts list.

The ISC said the attempts failed but showed that hackers were starting
to build code using the JPEG vulnerability.

More information about the ISN mailing list