InfoWorld: Worms sent via IM pose serious, growing threat: September 26, 2003: By : Security: "Virulent new worms that exploit vulnerable instant messaging (IM) clients and could infect hundreds of thousands of computers in seconds are a real threat for Internet users worldwide, according to security researchers from Symantec. "
Usually I think that Symantec is blowing smoke, but I think this one is set to be the next big worm generators. Though I do not like the IM companies closing down their programs and forcing me to have one for each one, I see where they need to.

The ability of hackers to grab a user's buddy list also gives IM worms the potential to be more virulent than predecessors like Code Red, Slammer or Blaster, which spread over the Internet rather than over IM networks, Chien said.

Unlike those worms, IM worms do not need to scan the Internet for the IP (Internet Protocol) addresses of vulnerable systems to infect, a process that greatly slows the spread of traditional worms. Instead, IM worms simply use the infected user's buddy list to find new targets.

Even with a scenario in which the buddy lists of infected and target machines were identical except for just one IM user, an IM worm could infect 500,000 machines in just 31 seconds, Chien and Hindocha showed.

Scary!