Volume 3, Number 33 -- September 27, 2006

'Heartworm' Uses 'Hoax Cloaking' to Steal Information from Live Messenger Users

Published: September 27, 2006

by Alex Woodie

Security researchers issued warnings last week about a new worm called Heartworm that infects Microsoft's Windows Live Messenger instant messaging software with the goal of stealing users' personal data.

According to FaceTime Security, a Northern California provider of instant messaging security software, Heartworm sends users messages that direct them to a Web site. Once on the Web site, they're presented with an image of a heart with a poem in Portuguese. If the user clicks on that image, it installs files on their computer designed to steal personal information, as well as banking information, FaceTime says.

FaceTime says the malicious Web sites pointed to by the Heartworm worm are hosted on Russian servers. The elaborate ruse also involves hoax-debunking Web sites designed to encourage suspicious Web site visitors to click through.

"This is a form of cultural camouflage which we call 'hoax cloaking,'" says Wayne Porter, senior director of special research at FaceTime Security Labs. "It is a defensive construct that adopts the very lore, memes, myth, and culture of the Internet to serve as a self-preservation and cloaking mechanism. People using trusted search engines to verify the message will find most reputable security companies and hoax-debunking sites confirm it as a myth and disregard it as harmless."

Sponsored By

Reliable service and affordable rates for all
of your business computing needs.

                                             * Network Design/Installation/Support
                                             * Network Printing/Digital Print Migration
                                             * Upgrades and Troubleshooting
                                             * Training
                                             * Graphic Design
                                             * Virus Removal
                                             * Consulting

Wolf is a Microsoft Certified Systems Engineer and
Microsoft Certified Systems Administrator.

Contact Wolf
Fax: 973-293-0100
Phone: 914-443-5534

Editor: Alex Woodie
Contributing Editors: Dan Burger, Joe Hertvik,
Shannon O'Donnell, Timothy Prickett Morgan
Publisher and Advertising Director: Jenny Thomas
Advertising Sales Representative: Kim Reed
Contact the Editors: To contact anyone on the IT Jungle Team
Go to our contacts page and send us a message.

Sponsored Links

Micro Focus:  Develop, extend and deploy applications with Server Express and Enterprise Server
OpenLogic:  Install, integrate, test, manage, and learn over 120 open source projects with BlueGlue
COMMON:  Join us at the Spring 2007 conference, April 29 - May 3, in Anaheim, California


Subscription Information:
You can unsubscribe, change your email address, or sign up for any of IT Jungle's free e-newsletters through our Web site at

Copyright © 1996-2008 Guild Companies, Inc. All Rights Reserved.
Guild Companies, Inc., 50 Park Terrace East, Suite 8F, New York, NY 10034

Privacy Statement