Instant Messaging (IM) applications are the new breeding ground for bots and other malicious applications, according to network security company Trend Micro.
"Instant messaging is used as a vector for most types of malicious software or malware," said Adam Biviano, senior systems engineer at Trend Micro.
Similar to email-based viruses, malicious IM applications use a person’s contact list to propagate.
Since the beginning of the year the company has issued three medium risk alerts for the IM worms Bropia.F, Kelvir.A and Fatso.A.
Although IM worms have been around since 2001, the last few months have been the most active period ever, the company said in a statement.
Of particular concern to security experts are bots that are smuggled in by the worms. Bots are applications that can be controlled remotely once executed on a user’s computer, Biviano said.
"Basically the goal [of the bot] is to get executed on a remote computer, whether that’s through a vulnerability on the PC or social engineering."
Biviano said, although malicious software was once written to prove a point, 60 percent of malware was now written for profit. This is carried out through harvesting of email addresses and CD keys, capturing keystrokes or taking over PCs as vehicles for sending spam.
To help protect themselves, Biviano advised users to ensure their anti-virus has the capability to monitor communications as well as files.