New Generation of IM Worms

According to Kaspersky Labs, new generation of instant messaging worms is spreading across protocols and platforms. We have seen a lot of worms which were specific to a single instant messaging protocol, for example MSN or AOL. However, the next generation of worms poses a much greater threat because of their ability to use different IM protocols to spread. And more - they can attack both Microsoft Windows and Mac platforms.

Of course, if the instant messaging user is smart and careful enough, the computer will be safe. It's very important not to open any attachments or URLs sent by unknown persons. Even more - if you receive an attachment or URL by someone in your buddy list, always ask him what he's sending you. Maybe he doesn't even know that his computer is under the control of a worm.

Meanwhile, Postini announced that there is a 160% increase over June in instant messaging attacks against corporate networks. One of the detected IM threats is Prokeylogger, which logs every key you type on your keyboard and gets your passwords. Then it sends this information to their owners, which can get details about your e-mails, credit cards, other sensitive personal information.

Important Update for Miranda IM Users

There is an important patch for Miranda IM. If you use the ICQ protocol you could lose some messages. The bug is defined as "unknown TLV(19) bug".

To fix this problem, you have to download and replace the file icq.dll in the Miranda folder.

Download icq.dll

It seems that the ICQ protocol has been changed a little bit and that's why only the official ICQ client is working properly. Other clients like Miranda and QIP must be updated. For QIP you just need to download the latest alpha version.

The "smart" Messaging Worm

I've read about this "smart" worm in few websites. When I read these articles I'm really wondering what is so smart in this worm. Just read this quote (link)

Instant messaging security firm, IMlogic released a warning on Monday, regarding a new type of malicious IM bot that can pose as a human being, and send messages.

The threat, called IM.Myspace04.AIM infects a user’s computer, then starts sending messages to people on their AIM contacts list. The bot sends a link, and encourages receivers to click on it with messages such as “lol no its not a virus.” Once a user clicks the link, their computer also becomes infected, and begins spreading the program.

Just sending previously defined messages like "its not a virus" is something I've already seen in so many spam messages (for example: "look at my picture right here...").
So it seems to me that this is just another worm which was made popular by some security-related websites.