Chatty Worm-Bot Coaxes Malware Download

by Michael Hall

A new worm making the rounds on AIM simulates a real person to coax users into accepting its payload.

IMlogic says a chatty new IM bot propagating over AOL's AIM network is out to convince users to download malware.

According to the company, IM.Myspace04.AIM impersonates infected AIM users and contacts people on their buddy lists, sending them messages designed to persuade the contact into downloading malicious content. IMlogic's advisory on the worm says the bot conceals transmission of the message from the infected user

One thing that sets IM.Myspace04.AIM apart from other IM worms is its ability to simulate a modicum of chattiness. If the person it contacts responds, it sends a variety of follow-up messages including "lol no its not its a virus."

Though the worm's coaxing represents a novel approach to infecting unwary IM users, IMlogic rated it a "medium" threat. The company has no recommendation for dealing with it besides updating antivirus software or filtering it with its IM management tools.

This article was originally published on Thursday Dec 8th 2005