IE Used to Launch Instant Messaging and Questionable Clicks

IE Used to Launch Instant Messaging and Questionable Clicks

"Last month, a particular Instant Messaging attack was infecting users via
Yahoo Instant Messenger and causing no small amount of misery for
end-users. This month, we've discovered a variant that's inextricably
linked to a sophisticated piece of possible clickfraud (depending on how
you define it). We often hear about the menace of Botnets in relation to
this kind of scam - indeed, a common tactic (which we've seen a number of
times) is to hijack the user's homepage and fill it full of clickable
adverts that bring in a return for the Botnet owner. Here, we have an
attacker going one step further and doing away with the complicated aspect
of the Botnet altogether, substituting it for an infinitely more
straightforward scheme involving the Yahoo IM worm mentioned above as a
launchpad. Effectively, we have a Botnet without a Botnet. Yet the damage
done is the same, and the potential for financial fraud is in some ways
more severe, such is the ease with which this particular attack spreads.
First, let's take a look at the technical aspects of this attack..."

http://blog.spywareguide.com/2006/10/ie_used_to_launch_insta nt_mess_1.html

Imhotep