Instant messaging users are being warned of new security threats affecting Yahoo and AOL.
The worm launched through AOL's Instant Messenger (AIM) attempts to open a backdoor in a user's system so an attacker can gain control of the machine.
Yahoo Messenger users, meanwhile, are being targeted in a phishing scheme that tries to convince them to hand over their Yahoo credentials.
Aiming High
The threat affecting AOL arrives in a user's IM system with the message "hehe i found this funny movie," and prompts users to click on a hyperlink.
If a user does so, then malicious code is downloaded onto their system, and the worm wiggles onto a public IRC server so it can spread to other AIM users. The code appears to be a variant of the Gaobot virus, which allows an attacker remote control over an affected PC.
The worm has been rated as a medium threat by IMLogic, and some security firms have noted that its spread is being checked by the rapid response of anti-virus companies.
Darth Phisher
The phishing scam aimed at Yahoo Messenger users contains a link to a Web site titled "Star Games," which security firms believe is an attempt to capitalize on the attention being paid to the new Star Wars movie.
The site is designed to look like a Yahoo-related page, and prompts the user to enter their Yahoo credentials. McAfee has reported that the information then appears to be e-mailed to a Hotmail address.
Increasing Problem
Now that malicious hackers have figured out how to target instant messaging systems, security threats are likely to increase.
A report in April put out by IMLogic showed that since the start of 2005, IM-related security threats have grown by 271 percent.
The rapid boom in threats should give everyone, from home users to CIOs, reason for pause, said IMLogic chief technology officer Jon Sakoda.
"IM threats are a big problem, and they're going to become a worse problem," he said. "We're now facing mutations of earlier worms, and increasing sophistication in attacks."