Looking for Regional Information?

IM Worms Get the Facts

By Charles Hopkins Published 06/2/2006 | Internet

 You've taken this course in internet safety and learnt all that there is to learn about how to avoid viruses and worms. You have installed advanced virus scanners, so nothing can pass through your email program and infect your Operating System, nor be downloaded from the internet or from a removable medium. You have installed the latest and the greatest in firewalls, so no worm can take advantage of open ports on your system. You are careful not to download, execute or use programs from any source other than well known, trusted groups or companies, like the vendor of your Operating System, or maybe the Free Software Foundation. All in all, you have got your system locked down very tightly, and fully expect to remain free of malware for the rest of your days.

And to propagate this useful knowledge, you then fire up your favorite instant messaging program, which may be MSN Messenger or Yahoo! Messenger. You open a chat window with your friend to tell him or her all about his wonderful new way you have found of securing your computer so that nothing happens to it, ever and ever. You are surprised to see that she is already offering you a file before you have started your conversation. Thinking it must be important for her to be that anxious, you click 'accept'. Seconds later, you realize your education was not complete, as the recently downloaded worm munches through your files and folders, and hoses your hard drive.

If you are a believer in learning through experience, then skip this article and wait till it happens to you. If however you'd rather learn by example, be advised that the horror flick given above was due to a new type of malware, the IM worm, which is unsurprisingly a worm that propagates itself through instant messaging programs.

The worst thing about IM worms is that most virus scanners haven't yet evolved enough to be able to deal with them.  And firewalls do not catch them because they come through an already established and authorized channel opened by yourself you authorized it when you opened the chat program.

IM worms depend for their survival and multiplication upon this irresistible urge that most users have of clicking 'ok' in response to whatever dialog box appears in front of their face, specially if that box happens to be launched by the IM program and more specially if it happens to tell you of a new file that your friend has just offered. They go on clicking 'ok' mindlessly, as if it gives them some kind of undefinable pleasure to be able to do this without thinking or pausing. And then when they get busted they blame their stupid computer, their worthless OS, their malicious friend and so forth. But the truth is that the friend probably had nothing to do with the worm in the first place. The worm was just camouflaging itself by pretending to be from him or her.

What can you do to escape this latest in malware? Well, for one thing ask your friend whether he/she is really offering you this file. Worms haven't yet evolved to the point where they can answer this question in place of your friend.

Secondly, dump the regular IM clients like MSN Messenger or Yahoo! Messenger, and install another program through which you can connect to both of these networks and many more, but which doesn't contain the type of vulnerability that allow worms to pass through.