Security Alert: Instant Message, Instant Virus

IM Viruses Increasing... from the blog
"Four out of ten of the top online threats at the moment arrive via instant message"

Judging from several recent reports from Internet security organizations, virus writers are increasingly targeting instant messaging programs. The SANS Internet Storm Center said today that it has received multiple reports over the weekend of viruses spreading via AOL Instant Messenger (AIM) and Microsoft Messenger. Websense also put out an advisory today about an AIM virus.

According to the latest virus information from TrendMicro, four out of ten of the top online threats at the moment arrive via instant message. Given that Microsoft recently released patches to plug several "critical" security flaws in its Messenger program, the threat of viruses and worms through instant messaging could worsen in the near future.

One of the most pervasive IM worms, dubbed by some anti-virus companies as "Kelvir", has spawned at least 27 variants since it first arrived on the scene in early March. One version of the worm struck online news service Reuters last month, crippling the company's messaging service for 24 hours.

Instant message viruses usually spread by tricking recipients into clicking on a link in a short message that says something like "Hey, check this out." Based on the information provided in a writeup of the latest Kelvir worm from Symantec Corp., IM users definitely do not want to do that: Once downloaded to a machine, Kelvir quietly downloads more software that turns the victim's computer into a spam relay. Kelvir also can log anything you type on your keyboard and e-mail the data to identity thieves, even capture snapshots of anything that you see on your computer monitor, snag footage from your Web cam, as well as any information stored on your computer's clipboard.

Instant messaging also is becoming an increasingly popular medium for "phishing," scams that try to trick computer users into visiting an authentic-looking Web site and entering personal and financial details, according to a report released late last week by the Anti-Phishing Working Group.