Sdbot.add is going around the AIM (AOL instant Messenger) network. An infected user’s contacts are used for the next line of infections. Once the host is infected, its contacts are sent an instant message asking them to download a link. Since the message is coming from someone you know, you may be tempted to download the package. Ask some questions to the contact before accepting the download. So, what’s so bad about the download? The payload is a rootkit. The rootkit, lockx.exe, enables a malicious user to remain hidden from your view – even though they “own” your computer. The rootkit givers the malicious user the ability to do whatever they want, without your knowledge. Be safe – and cancel the download and ask questions. Never accept a blind request to accept a file.
AOL Instant Messenger Rootkit
October 31st, 2005 
admin 
Posted in Security 
very nasty. I’m sure other IM clients will be targetted also
Rootkits are the latest nasty thing! Speaking of…let’s boycott Sony!