On The Insider: Britney's Bikini-Clad Top 10
BNET Business Network:
BNET
TechRepublic
ZDNet
21 TalkBacks

By Greg Sandoval
Posted on ZDNet News: Nov 17, 2005 8:46:00 PM

Security sleuths at FaceTime Communications say they have linked a group of hackers operating in the Middle East to a worm that began spreading last month via America Online's Instant Messenger service.

Experts at FaceTime's security unit reported Thursday that the hacker group has seized control of at least 17,000 computers across the globe. The hackers have the capability to pilfer personal information from a computer's hard drive or remotely commandeer a PC to help launch attacks against companies or networks.

FaceTime, headquartered in Foster City, Calif., has alerted the FBI and warned that the 17,000 computers were controlled by a single compromised server. There is a chance that the hacker band may control other servers and thousands more computers, according to Tyler Wells, senior director of engineering at FaceTime.

"The fact that they are using instant messaging is a disturbing trend," Wells said. "These guys are using BitTorrent...and that is getting a bit scary. They are using IRC-enabled spyware to control PCs."

BitTorrent is a freely available file-sharing network that hackers have been using to move large files more easily, Wells said.

On Oct. 28, FaceTime identified a worm that delivers a rootkit designed to go undetected by the security software used to lock down control of a computer after an initial hack.

Subsequent research has revealed that the rootkit worm piggybacking on AOL Instant Messenger acts as a back door for adding spyware, which can be used to pilfer usernames, passwords and other personal information.

A hacker can control this process through IRC, or Internet Relay Chat, communications.

Wells said FaceTime traced specific signatures within various code associated with the exploit. This gave them the ability to resolve where the exploits originated.

The FBI did not immediately respond to a request for comment.

SponsoredWhite Papers, Webcasts, and Downloads

  • Talkback
  • Most Recent of 21 Talkback(s)
War
No! No! It's too cruel!!!
...and I think it was ammended to the Geneva Convention.... (Read the rest)
Posted by: BandwidthBandit Posted on: 11/20/05 You are currently: a Guest | | Terms of Use
so  Jack-Booted EULA | 11/17/05
RTFS  htotten | 11/17/05
Don't use it myself  Jack-Booted EULA | 11/17/05
Doesn't matter  vdraken | 11/17/05
it *was* AIM related, now the scope is broader..  paperghost | 11/17/05
AIM on windows whatever!  Reverend MacFellow | 11/17/05
Troll?  PMC-CON | 11/17/05
Good grief...  Grayson Peddie | 11/17/05
u r foolish  Edward@... | 11/17/05
Sony has been adding rootkit to...  Carrion | 11/17/05
RE: Sony has been adding rootkit to...  commcastsucks | 11/17/05
Sony Had a EULA  markdoiron | 11/17/05
Sony EULA  DIMrBobSir | 11/17/05
You have to admit it was an ingenious idea,  Hugh Jass | 11/17/05
Eula not withstanding,  Update victim | 11/18/05
Interesting commentary on Sony's DRM root kit  jimgeuin@... | 11/18/05
NOT JUST SONY!!!!  s_gamgee | 11/20/05
The link....  s_gamgee | 11/20/05
EULA or not  TekkWise@... | 11/18/05
This is war  Boot_Agnostic | 11/18/05
War  BandwidthBandit | 11/20/05

What do you think?

advertisement
Premier Vendor Content Whitepapers, webcasts & resources from our Power Center Sponsors
advertisement

White Papers, Webcasts, and Downloads

SmartPlanet

  • Thought-provoking progressive ideas on diverse topics that intersect with technology, business, and life, and matter to the world at large. Visit SmartPlanet
  • More from IBM
  • Innovate your business' process model, play against the market, compete against others on our scoreboards and WIN! Try INNOV8 2.0: A BPM Simulator
  • Enabling Real-World Business Transformation through IBM Service Management Read the EMA Analyst Report
Click Here