Anti Virus Blog

The latest threat to AOL’s instant messaging (IM) platform, AIM, again targets users’ penchants to blindly click on links supplied by friends. The Gpic.aol worm comes with a message saying, “damn this looks just like me lol” and a link to what is displayed as pictures.google.com.

In reality, the displayed URL obscures the real Web site at newpeople.no-ip.info, which then downloads onto the user’s system, collects the names in the buddy list and sends the same message to all of them.

Gpic.aol is considered a medium-level risk threat; it doesn’t actually deliver a payload that allows the malware writer to gain remote access to the computer or corrupt or erase data on the hard drive.

For the time being, IM worms are merely a nuisance, propagating from one AIM buddy list to another. But Francis deSouza, IMlogic CEO, said he fears it’s only a matter of time before virus writers start delivering damaging code as well.

IM, replete with functionality, such as file transferring, video and audio, is at risk from malware writers gaining access to those features, he said.

“Your e-mail client can only do so many things,” he said. “Your IM client is actually much more functional and much more powerful, and because much of the functionality is real-time functionality, threats can propagate over IM much faster than over e-mails.”

(more…)