Quick Hits

‘Frankenstein’ rootkit hits AIM users

A potentially destructive new worm is targeting users of AOL’s AIM instant messaging (IM) service. Called W32/Sdbot-ADD by Facetime Security Labs, the vendor that first reported its existence in a less harmful version some weeks ago, this is a worm with a troubling and innovative twist — it installs a rootkit-like backdoor on any machine it manages to infect. An attack starts with an AOL IM user being asked to open a link, apparently at the request of an AOL “buddy” or contact. Clicking on this initiates the infection sequence, which starts by dumping a number of adware files, and the rootkit software itself, lockx.exe. Once on the PC, the malware attempts to shut down anti-virus software, install software that allows the PC to be remotely controlled by IRC, and open a backdoor for future attack.

Clicking, clacking and snooping

The idea of snooping on keyboards has been around since the Cold War, when Soviet spies bugged typewriters in the American embassy in Moscow. Now researchers at the University of California, Berkeley, have found a way to turn the clicks and clacks of typing on a computer keyboard into a startlingly accurate transcript of what is being typed. The researchers have developed software that can analyze the sounds of someone typing on a keyboard for 10 minutes and then piece together as much as 96 per cent of what was typed. The technique works because the sound of someone striking an “A” key, for example, is different from the sound of striking the “T.” Even randomly generated passwords are not secure: researchers were able to guess 90 per cent of the five-character passwords they generated within 20 tries.

Quick Link 050732

Would you recommend this article?

0
0

Share

Thanks for taking the time to let us know what you think of this article!
We'd love to hear your opinion about this or any other story you read in our publication. Click this link to send me a note →

Jim Love, Chief Content Officer, IT World Canada

Related Tech News