A newly discovered worm dubbed “Gpic.aol” and being transported via AOL Instant Messenger (AIM) arrives as an instant message along the lines of “damn this looks just like me lol” and proffering a link which claims to be a link to pictures.google.com
However, as soon as the unwitting recipient clicks on that link, it actually takes them to the payload site – currently believed to be newpeople.no-ip.in – where it downloads the Gpic.aol worm onto the victim’s website and then starts the process all over again.
Francis DeSouza, CEO of IMlogic, explains that it’s only a matter of time before some of these AIM worms do something much more damaging than just replicating themselves.
Explains DeSouza, “Your e-mail client can only do so many things. Your IM client is actually much more functional and much more powerful, and because much of the functionality is real-time functionality, threats can propagate over IM much faster than over e-mails.”
The best defense? As always, if you aren’t 100% sure of the sender and origin, just don’t click.