New YIM! Bot Wants you in the Money Mule Program

Instead of one of "5000 MacBooks for free to commemorate Steve Jobs", you get a shady job proposal

Cyber crooks have used instant messaging applications to spread malware for quite a while. While most of these creations are clumsy and one can easily tell they’re being conned by an IM bot, today’s encounter is trickier.

First off, the bot, identified by Bitdefender as Trojan.YIMBot.K, is polite. It starts the conversation right after you sign into the YIM client with a greeting and the latest news: that Apple would allegedly give out 5000 MacBook laptops to commemorate the death of Steve Jobs.

If most IM bots hit and run (they leave the message and then don’t react anymore), this one is highly interactive. It simulates typing and sometimes replies slowly, just as a human user would do. Then, it is extremely interactive: it recognizes keywords in the victim’s input and replies accordingly, as shown in the conversation captured below.

The whole purpose of this charade is to convince you to visit the link where you can allegedly claim your prize. This link is composed of an ID, a source and the victim’s YIM handle for tracking purposes.  If the user clicks the provided link, they are redirected to a page that advertises a “work-from-home”job listing. This turns to be another mule program in which the applicant has to receive and forward sums of money or parcels to different locations on the globe. These goods are usually obtained by fraud and need to be forwarded to miscellaneous locations until the authorities lose track of them.

If you are a Bitdefender customer, you don’t have to worry about any infection with the bot as we have detected it since their emergence. If you don’t use an antivirus solution, you might want to perform a 60-second quick scan to see if your computer has been compromised in any way.

About the author


Bogdan Botezatu is living his second childhood at Bitdefender as senior e-threat analyst. When he is not documenting sophisticated strains of malware or writing removal tools, he teaches extreme sports such as surfing the web without protection or rodeo with wild Trojan horses. He believes that most things in life can be beat with strong heuristics and that antimalware research is like working for a secret agency: you need to stay focused at all times, but you get all the glory when you catch the bad guys.