two
Volume 3, Number 33 -- September 27, 2006

'Heartworm' Uses 'Hoax Cloaking' to Steal Information from Live Messenger Users

Published: September 27, 2006

by Alex Woodie

Security researchers issued warnings last week about a new worm called Heartworm that infects Microsoft's Windows Live Messenger instant messaging software with the goal of stealing users' personal data.

According to FaceTime Security, a Northern California provider of instant messaging security software, Heartworm sends users messages that direct them to a Web site. Once on the Web site, they're presented with an image of a heart with a poem in Portuguese. If the user clicks on that image, it installs files on their computer designed to steal personal information, as well as banking information, FaceTime says.

FaceTime says the malicious Web sites pointed to by the Heartworm worm are hosted on Russian servers. The elaborate ruse also involves hoax-debunking Web sites designed to encourage suspicious Web site visitors to click through.

"This is a form of cultural camouflage which we call 'hoax cloaking,'" says Wayne Porter, senior director of special research at FaceTime Security Labs. "It is a defensive construct that adopts the very lore, memes, myth, and culture of the Internet to serve as a self-preservation and cloaking mechanism. People using trusted search engines to verify the message will find most reputable security companies and hoax-debunking sites confirm it as a myth and disregard it as harmless."

Sponsored By
WOLF COMPUTER CONSULTING

Reliable service and affordable rates for all
of your business computing needs.

                                             * Network Design/Installation/Support
                                             * Network Printing/Digital Print Migration
                                             * Upgrades and Troubleshooting
                                             * Training
                                             * Graphic Design
                                             * Virus Removal
                                             * Consulting

Wolf is a Microsoft Certified Systems Engineer and
Microsoft Certified Systems Administrator.

Contact Wolf
Email: info@wolfconsult.net
Fax: 973-293-0100
Phone: 914-443-5534
Editor: Alex Woodie
Contributing Editors: Dan Burger, Joe Hertvik,
Shannon O'Donnell, Timothy Prickett Morgan
Publisher and Advertising Director: Jenny Thomas
Advertising Sales Representative: Kim Reed
Contact the Editors: To contact anyone on the IT Jungle Team
Go to our contacts page and send us a message.

Sponsored Links

Micro Focus:  Develop, extend and deploy applications with Server Express and Enterprise Server
OpenLogic:  Install, integrate, test, manage, and learn over 120 open source projects with BlueGlue
COMMON:  Join us at the Spring 2007 conference, April 29 - May 3, in Anaheim, California

 
THIS ISSUE SPONSORED BY:

Vision Solutions
MKS
Lakeview Technology
World Data Products
Wolf Computer Consulting



TABLE OF CONTENTS
Microsoft Issues Out-of-Cycle Patch for VML Flaw

IBM to Try Selling Technical Services as Products

Atempo Improves VMware Support with Time Navigator 4.1

The Disk Drive at 50: Still Spinning

But Wait, There's More:

PowerShell Goes to RC2 . . . 'Heartworm' Uses 'Hoax Cloaking' to Steal Information from Live Messenger Users . . . Prevx Updates Windows Security Suite . . . EMC Buys Virtual Tape Library Specialist Neartek . . . Stampede Adds Application Plug-In to Acceleration Appliance . . . Virtual Iron Readies Next-Generation Virtualization, Partners with PlateSpin . . .

The Windows Observer

BACK ISSUES

The Four Hundred
Expect i5/OS V5R5 in 2007, Power6 for System i Maybe in 2007

Venture Capitalist Thoma Cressey Acquires Vision Solutions

The iSociety: System i Users React

As I See It: Pretexting

The Linux Beacon
Novell, Concurrent Create Real-Time SUSE Linux Variant

Mandriva's Corporate Server 4.0 Comes to Market

SGI Kills Off Irix Unix and MIPS Machines, At Long Last

As I See It: Pretexting

Big Iron
A Joint Assault on the Mainframe Hardware Market

Top Mainframe Stories and Vendor Announcements

Chats, Webinars, Seminars, Shows, and Other Happenings

The Unix Guardian
SGI Kills Off Irix Unix and MIPS Machines, At Long Last

Solaris 10 with Trusted Extensions Readied for 11/06 Update

IBM, Sun Add Encryption to High-End Tape Drives

As I See It: The Incredible Shrinking Vacation


 
Subscription Information:
You can unsubscribe, change your email address, or sign up for any of IT Jungle's free e-newsletters through our Web site at http://www.itjungle.com/sub/subscribe.html.

Copyright © 1996-2008 Guild Companies, Inc. All Rights Reserved.
Guild Companies, Inc., 50 Park Terrace East, Suite 8F, New York, NY 10034

Privacy Statement