Feeds

Users attacked by mysterious AIM buddies

AOL denies then claims responsibility

Beginner's guide to SSL certificates

Updated This afternoon, someone was surreptitiously adding unauthorized chat buddies to AOL instant messaging clients running across the Web.

Three separate Register employees noticed the offending buddies, which show up under the "AIM Bots" portion of the AOL buddy list, carrying the names "Prof Gilzot," "sharethisdotcom," "Spleak," and "WSJ." In one instance, they appeared on a third-party Adium client that ties into AOL’s instant messaging network.

This seemed to indicate AOL was responsible for the bizarre occurrence, but when we first contacted the company, it denied any involvement. "These buddies just automatically appeared?" asked AOL's AIM spokesperson Erin Gifford. "My client has not done that."

A screen shot of the mysterious buddy bots popping on AIM clients.

Mysterious AIM buddies

However, a recent blog post indicated that the bots were indeed added by AOL (thanks to reader Rob for the tip), and this afternoon, Gifford called back to claim responsibility. "These new bots are primarily for new users," she says. "But if you still have the AIM bots group on your buddy list...these five new bots will be added to your client."

The AIM Bots group typically includes automated buddies that respond to questions and comments from users. At installation, the latest AIM client installs two such bots, one attached to AOL’s Moviefone site and one attached to the company’s Shopping site. The four new bots tie into other services, including the Wall Street Journal Web site.

Those using Adium, and perhaps other clients, will find the new "buddies" grouped with typical contacts rather than listed as bots. One of our hacks was shocked to find the robot chums, thinking his IM client had been hacked or taken over by another user.

At the very least, AOL should be notifying users that these buddies are being added. And it seems odd that the company hadn't told its PR people about the bots - let alone the press. After all, the Wall Street Journal is a major partner.®

Security for virtualized datacentres

More from The Register

next story
'Windows 9' LEAK: Microsoft's playing catchup with Linux
Multiple desktops and live tiles in restored Start button star in new vids
Not appy with your Chromebook? Well now it can run Android apps
Google offers beta of tricky OS-inside-OS tech
New 'Cosmos' browser surfs the net by TXT alone
No data plan? No WiFi? No worries ... except sluggish download speed
iOS 8 release: WebGL now runs everywhere. Hurrah for 3D graphics!
HTML 5's pretty neat ... when your browser supports it
Greater dev access to iOS 8 will put us AT RISK from HACKERS
Knocking holes in Apple's walled garden could backfire, says securo-chap
NHS grows a NoSQL backbone and rips out its Oracle Spine
Open source? In the government? Ha ha! What, wait ...?
Google extends app refund window to two hours
You now have 120 minutes to finish that game instead of 15
Intel: Hey, enterprises, drop everything and DO HADOOP
Big Data analytics projected to run on more servers than any other app
SUSE Linux owner Attachmate gobbled by Micro Focus for $2.3bn
Merger will lead to mainframe and COBOL powerhouse
prev story

Whitepapers

Providing a secure and efficient Helpdesk
A single remote control platform for user support is be key to providing an efficient helpdesk. Retain full control over the way in which screen and keystroke data is transmitted.
WIN a very cool portable ZX Spectrum
Win a one-off portable Spectrum built by legendary hardware hacker Ben Heck
Storage capacity and performance optimization at Mizuno USA
Mizuno USA turn to Tegile storage technology to solve both their SAN and backup issues.
High Performance for All
While HPC is not new, it has traditionally been seen as a specialist area – is it now geared up to meet more mainstream requirements?
Security and trust: The backbone of doing business over the internet
Explores the current state of website security and the contributions Symantec is making to help organizations protect critical data and build trust with customers.