Major security vendors yesterday reported a bug exploiting JPEG processing is spreading on the Internet through American Online's instant messaging program.
According to experts at the US-based SysAdmin Audit Network Security (SANS), the virus is in its infancy and has so far received only two reports of infections. .
The victim of this virus received a message from AOL's instant messaging service that linked them to websites with malicious JPEG files. The message reads: Take a look at my profile, click the GET INFO button! " By following these instructions, the user will go to a web page, which will automatically send the malicious code embedded in the JPEG image to their computer. Once infected, the computer sends the message to the addresses in the message list.
This code also installs a backdoor that can give remote control of infected computers to the hacker. F-Secure has warned that the virus exploiting JPEG errors could bypass anti-virus technology. By default, anti-virus software only scans for files with the EXE extension. And even if the user changes the settings on the antivirus software, the hacker can still change the file name extension to avoid detection.
Microsoft has not commented on the new virus. Next week, the company will launch a beta of MSN instant messenger.
