CERTŪ Incident Note IN-2002-03
Social Engineering Attacks via IRC and Instant Messaging
Systems Affected
Systems running Internet Relay Chat (IRC) or Instant Messaging (IM)
clients
Overview
The CERT/CC has received reports of social engineering
attacks on users of Internet Relay Chat (IRC) and Instant Messaging (IM)
services. Intruders trick unsuspecting users into downloading and
executing malicious software, which allows the intruders to use the
systems as attack platforms for launching distributed denial-of-service
(DDoS) attacks. The reports to the CERT/CC indicate that tens of
thousands of systems have recently been compromised in this manner.
......................................................
Full alert at http://www.cert.org/incident_notes/IN-2002-03.html
--
James W. Meritt CISSP, CISA
Booz | Allen | Hamilton
phone: (410) 684-6566
