Here we go — malware via IM

From The Inquirer:

“VIRUS WRITERS have released an Internet worm that propagates using instant messages and exploits the JPG flaw in Microsoft. Researchers at The SANS Institute’s Internet Storm Center (ISC) have had two reports of a worm being installed using AOL messenger. The victims complained that they received messages on America Online’s AOL Instant Messenger service that lured them to Web sites containing a JPEG that contained the malicious code. The messages told the users to “Check out my profile, click GET INFO!” But when they visited the site, the malicious code would attempt to install backdoor software.

Additionally, messages containing a link to the site would be sent out to all contacts on the victim’s instant messenger contacts list. The ISC said the attempts failed but showed that hackers were starting to build code using the JPEG vulnerability. ”