[WEBINAR] The New Normal: Dealing with the Reality of an Unsecure World

Instant Messaging Worm (IM Worm)

Definition - What does Instant Messaging Worm (IM Worm) mean?

An instant messaging worm (IM worm) is a self-replicating malicious code that is spread through an instant messaging network. These worms are similar to computer worms except that they spread through various IM networks as a result of loopholes in the network. The IM worm infects a user's account, locates the user's IM contact list and tries to send itself to all the contacts on the list. IM worms do not require a vulnerable IP to gain access to a user's contact list.

Techopedia explains Instant Messaging Worm (IM Worm)

IM worms send out messages that appear to be from the people on the user's contact list. These messages are often out of character, and contain external links to marketing websites. The infected user's contacts may also receive similar email messages.

Although the IM worm appeared on 2001, it was not considered a threat until late 2005. The first large IM worm outbreak was reported in the Netherlands and spread through MSN Messenger through a malformed WMF file called xmas-2006 FUNNY.jpg. During this time, IM worms were built for various reasons and were spread through popular public IM services such as MSN Messenger, Yahoo! Messenger, AOL Instant Messenger and ICQ.

The following are some examples of IM worms:

  • The Choke worm attaches to MSN Messenger. When a user initiates an IM conversation with an infected host, the worm sends a text message along with an invitation to download a file, which turns out to be the worm file from the infected host.
  • IM worms such as Sumom caused limited damage but attracted a lot of media attention.
  • The SoFunny worm spreads as a file attachment using AOL Instant Messenger. It steals AIM login information, and emails the user ID and password to a designated address. It runs as a service process in Windows systems to hide from the Windows Task Manager.

Many hackers also created IM worms such as Bropia and Kelvir specifically to create financial gains.

The IM worm has undergone drastic changes over the years in the way it is distributed, the complexity of the code used and the networks targeted.

Techopedia Deals

Connect with us

Techopedia on Linkedin
Techopedia on Linkedin
"Techopedia" on Twitter

Sign up for Techopedia's Free Newsletter!

Email Newsletter

Join thousands of others with our weekly newsletter

Free Whitepaper: The Path to Hybrid Cloud
Free Whitepaper: The Path to Hybrid Cloud:
The Path to Hybrid Cloud: Intelligent Bursting To Amazon Web Services & Microsoft Azure
Free E-Book: Public Cloud Guide
Free E-Book: Public Cloud Guide:
This white paper is for leaders of Operations, Engineering, or Infrastructure teams who are creating or executing an IT roadmap.
Free Tool: Virtual Health Monitor
Free Tool: Virtual Health Monitor:
Virtual Health Monitor is a free virtualization monitoring and reporting tool for VMware, Hyper-V, RHEV, and XenServer environments.
Free 30 Day Trial – Turbonomic
Free 30 Day Trial – Turbonomic:
Turbonomic delivers an autonomic platform where virtual and cloud environments self-manage in real-time to assure application performance.