Monday, March 20, 2006

Nasty AIM Virus

So, yesterday I got this odd AIM message from a coworker:

SomeOne9823: can I put this picture of you on myspace or facebook? http://xxx.yyy.com/1/087480967/files/yourpic02.pif

The message caught my eye, and I was just moments away from clicking on the link till I noticed the .pif extension. This of course is trouble - as a .pif is an executable program which more often then not is used to deliver viruses.

Sure enough, it's a virus and it's going through the office. I got IM'ed again with:

AnotherSomeone995: want to tell me what this is about? http://xxx.yyy.com/1/707994821/files/wtf.pif

I had the following thoughts during this attack:

  • If the person who had this much creativity to do something evil put it toward good, he/she could accomplish amazing things. (Who are we kidding? It's a he. And he's 13 years old. And angry.)
  • Just when you think a medium is virus free, think again.
  • One word: copycats.
  • How on earth can browsers still download and run .pif files that came from a fundamentally untrusted source like AIM without jumping up and raising a stink?
  • Why is that I can't send image attachments to people, yet I can still be infected using this primitive download-throug-the-browesr trick?

The good news is that the advice one gives for this virus attack is the same as all others. If you don't know what's behind that link/attachment, don't click on it. Ever.

No comments:

Post a Comment