At least three new worms were reported this weekend that use IM to spread. Is IM the "next big thing" in vectors?
I think not. So far most of these IM worms (all spreading over MSN Messenger this weekend) rely on social engineering to spread. In other words they contain a message that must convince the recipient of a message to click through to a web site were the expoloit is contained. Just as in email viruses/worms that require the end user to take some action there is enough "friction" induced here that the worm cannot be as devestating as Nimda, MSBlast, or Slammer.
So, not until IM worms spread without user action will they represent a huge threat. In the meantime, it is a good idea to opt out of the tri-culture of the IM space. If you are an AOL, MSN, or Yahoo! user you can reduce your risk by using a third party client. I am a big fan of Trillian. The shareware version is great. You get cute features if you upgrade to the Trillian Pro version.
Trillian is of course named for the character in Hitchhiker's Guide to the Universe! (see the http://hitchhikers.movies.go.com/main.html to the new movie!)
So are IM worms the big threat? I don't think so. Now RSS....