Intelligent worm 'chats' to IM users

IM.Myspace04.AIM is spreading via AOL's Instant Messenger service

A new form of worm has been discovered that 'chats' to users of instant messaging programs to persuade them to download an infected file.

Security research firm IMLogic has reported that the worm, dubbed IM.Myspace04.AIM, is spreading via AOL's Instant Messenger service. 

Once on a PC the worm responds to any instant message and pretends to be the user. It suggests that the recipient downloads a file which contains a copy of itself. If the user responds, the worm sends a second message saying: 'lol no its not its a virus'.

"While IM.Myspace04.AIM uses similar social engineering techniques to other IM worms, this new breed of attack represents a shift toward interactive communication with intended targets, more effectively simulating a live user and thereby increasing infection rates," said IMLogic in a statement.

"As consumer bots such as the recently released AOL MovieFone and ShoppingBuddy gain popularity, hackers have also recognised the potential for bot technology to assist in their attacks on unsuspecting users."

Once installed on a PC the worm disables security software, installs a backdoor to allow remote control via IRC and changes system files. It then starts sending itself to contacts on the victim's buddy list.

"This is another wake-up call to businesses," said Donal Casey, security consultant at technology integration firm Morse.

"Because virus writers are trying to fool people into downloading their virus by pretending to converse with their victim to lull them into a false sense of security, businesses need to tackle this problem on two levels.

"They need to make sure that their antivirus software is up to date, and they need to make sure that they are educating employees on the company's security policies and procedures."

• The wise man's guide to Christmas shopping
• Win a trip to Las Vegas!