Campus computers vulnerable to instant-messaging virus

Campus computers vulnerable to instant-messaging virus

Campus computers vulnerable to instant-messaging virus

Students using any instant messaging service might need to take precautions.

The virus, W32/Rbot-AVB, is sending itself through AOL Instant Messaging, Yahoo Messenger, MSN Messenger, Windows Messenger and IRC.

“This one actually can destroy your operating system and other things to make your system not useful,” said Steve Earney, assistant vice president for information services.

“It has a backdoor functionality,” said Al Stadler, network administrator. “Anti-virus doesn’t detect it, so it’s hard to get rid of.”

Earney said the virus came to the computer center’s attention two weeks ago. He said the virus was passed on through one instant messaging network when they first discovered it.

“It’s mutated to work on all the networks,” he said.

Stadler said what makes this particular virus bad is it works across the multiple systems.

“It has multiple ways of coming in,” Stadler said.

Stadler said there is a one main problem with instant messaging. He said like with e-mail, people are supposed to watch out for suspicious e-mails, but instant messaging uses buddy lists.

“You know you’ve talked to these people, so you trust them,” he said. “They send you something, and you click on an attachment or URL you believe it’s going to be in good faith. They might not know they have the virus, and they are spreading it.”

Stadler said instant messaging is a trusted environment.

“You think they are not going to hurt you, and they accidentally do,” he said.

“It may not be some worker on the Internet,” Earney said. “It might be one of your friends that picked it up.”

Earney said there also could be the problem with identity theft.

“You put these people in trusted relationships like your buddy lists, or maybe it’s just somebody you met on the Internet,” Earney said, “and you became a little bit more intimate.”

He said they could be doing this so they can gain access to your computer. It is becoming a growing problem with credit cards, Earney said.

“People are actually looking for ways to commit identity theft,” he said. “This [W32/Rbot-AVB] is a new way to do it.”

Stadler said viruses are ongoing things.

“There’s constant different versions of viruses, different types of viruses coming out,” he said. “It’s ongoing struggle to contain these issues. This one has a better chance of doing more damage.”

An e-mail was sent out to the campus Oct. 31, detailing information dealing with the virus. In the e-mail, the virus delivers software called a rootkit, which goes undetected in a computer.

“That’s why we sent the advisory out,” Stadler said.

Stadler said as of right now, five people reported having the virus. Earney said they have received e-mails from students regarding viruses.

The computer center is currently trying to fix the problem.

“We’re actively monitoring when we do have virus activity,” Stadler said. “We are trying to put filters in place, change the firewall slightly to block some content that we can.”

Despite filtering out the viruses and using firewalls, Earney said the viruses can still come in “a secret way” using instant messaging.

“That’s a new challenge for IT people,” he said.

Earney said Stadler cannot block everything with the firewalls.

“It keeps changing,” he said. “So you are always behind the eight-ball a little bit.”

Earney said they need firewalls for instant messaging or better tools to keep viruses out.

“It would really be a nice utility if everything came to you clean, and anything that could hurt you was just taken out,” he said.

Earney said students must be cautious. Stadler said they have to be aware and not to give out passwords or addresses.

“Don’t give out personal information,” Stadler said. “I wouldn’t sign up for an instant messaging account with your name.”

If a friend sends a URL, Stadler said it is advised not to open it. He said if they are executable-type files like .exe and .bat, do not download them.

“They’re suspect,” he said.

If anyone clicks on a URL, Stadler said it not only passes along viruses – it can pass on spy ware.

“They eat bandwidth and slow down your computer,” he said.

If anyone thinks he or she has the virus, one may need to reinstall the operating system, all applications. Anyone can lose everything on his or her hard drive if the data is not backed up.

To fix the problem, Stadler said students should update Windows with the necessary patches and need to put an anti-virus program on their computers.

“Install it,” he said, “and update the virus information. Scan your machine when its offline – disconnect your cable and verify you’re clean. If you’re not clean, keep it off the network.”

He also said students should update Windows with the necessary patches.