[WEBINAR] Bulletproof: How Today's Business Leaders Stay on Top

Instant Messaging Worm (IM Worm)

Definition - What does Instant Messaging Worm (IM Worm) mean?

An instant messaging worm (IM worm) is a self-replicating malicious code that is spread through an instant messaging network. These worms are similar to computer worms except that they spread through various IM networks as a result of loopholes in the network. The IM worm infects a user's account, locates the user's IM contact list and tries to send itself to all the contacts on the list. IM worms do not require a vulnerable IP to gain access to a user's contact list.

Techopedia explains Instant Messaging Worm (IM Worm)

IM worms send out messages that appear to be from the people on the user's contact list. These messages are often out of character, and contain external links to marketing websites. The infected user's contacts may also receive similar email messages.

Although the IM worm appeared on 2001, it was not considered a threat until late 2005. The first large IM worm outbreak was reported in the Netherlands and spread through MSN Messenger through a malformed WMF file called xmas-2006 FUNNY.jpg. During this time, IM worms were built for various reasons and were spread through popular public IM services such as MSN Messenger, Yahoo! Messenger, AOL Instant Messenger and ICQ.

The following are some examples of IM worms:

  • The Choke worm attaches to MSN Messenger. When a user initiates an IM conversation with an infected host, the worm sends a text message along with an invitation to download a file, which turns out to be the worm file from the infected host.
  • IM worms such as Sumom caused limited damage but attracted a lot of media attention.
  • The SoFunny worm spreads as a file attachment using AOL Instant Messenger. It steals AIM login information, and emails the user ID and password to a designated address. It runs as a service process in Windows systems to hide from the Windows Task Manager.

Many hackers also created IM worms such as Bropia and Kelvir specifically to create financial gains.

The IM worm has undergone drastic changes over the years in the way it is distributed, the complexity of the code used and the networks targeted.

Share this:

Connect with us

Email Newsletter

Join thousands of others with our weekly newsletter

The 4th Era of IT Infrastructure: Superconverged Systems
The 4th Era of IT Infrastructure: Superconverged Systems:
Learn the benefits and limitations of the 3 generations of IT infrastructure – siloed, converged and hyperconverged – and discover how the 4th...
Approaches and Benefits of Network Virtualization
Approaches and Benefits of Network Virtualization:
Businesses today aspire to achieve a software-defined datacenter (SDDC) to enhance business agility and reduce operational complexity. However, the...
Free E-Book: Public Cloud Guide
Free E-Book: Public Cloud Guide:
This white paper is for leaders of Operations, Engineering, or Infrastructure teams who are creating or executing an IT roadmap.
Free Tool: Virtual Health Monitor
Free Tool: Virtual Health Monitor:
Virtual Health Monitor is a free virtualization monitoring and reporting tool for VMware, Hyper-V, RHEV, and XenServer environments.
Free 30 Day Trial – Turbonomic
Free 30 Day Trial – Turbonomic:
Turbonomic delivers an autonomic platform where virtual and cloud environments self-manage in real-time to assure application performance.