IE holes lead to AIM, dial-up attacks
Results 1 to 2 of 2

Thread: IE holes lead to AIM, dial-up attacks

  1. #1
    Join Date
    Apr 2003

    IE holes lead to AIM, dial-up attacks

    Security holes in Microsoft's Internet Explorer have been exploited by hackers to hijack AOL instant messaging accounts and force unsuspecting Web surfers to run up massive phone bills, computer experts cautioned on Friday.

  2. #2
    Join Date
    Dec 2001
    That article makes it sound like the malicious web page downloads a program to your computer. This is not true, atleast for the AIM vulnerability that many people I know have been hit with. What happens is that there is a vbscript on the webpage that reads the key of your registry where your encrypted AIM password is (if you have checked that AIM save your password). This encryption is extremely weak and can be easily cracked or the attacker may just put the encrypted password in his/her registry. So if you don't want to be vulnerable to this attack you should not have AIM remember your password (which you shouldn't do in the first place).

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts