A new computer virus is spreading through AOL's Instant Messenger system (AIM), spreading malicious code more sophisticated than anything seen before, security researchers said.
The worm, known as W32.pipeline, propagates when users click on a Web link that appears to have been sent to them by someone on their buddy list. If the recipient clicks on the link, an file that looks like a JPEG image will download into a Windows folder, according to researchers at security company FaceTime Communications.
Once the user's PC is infected, it becomes part of a botnet and is under complete control of the hacker to use for a variety of purposes.
FaceTime researchers have noted that this botnet demonstrates much more sophisticated characteristics than any they have seen before, including the ability to authorize only specific internet chat clients to log in and manipulate the botnet.
The emphasis for this latest worm is not so much on the files that are delivered to the users' computers, but rather on the way these files are deposited onto the system, said Chris Boyd, director of malware research for FaceTime Security Labs.
Previous IM attacks have tended to focus on the damage done by the files, with little thought on the method of delivery, save for the quickest way to get those files onto a PC. Here, the motivation for the bad guys seems to be in lining up as many â€˜install chains' as possible to insure a consistent pipeline that can be controlled by their rogue botnet.
The firm suggested that AOL's 80 million users can protect themselves by not clicking on suspicious links. Administrators of corporate networks may add enterprise-grade security software to networks for added protection, the firm said