IM virus hoax threatens bandwidth drain

Remember those 'end of the world virus' hoaxes? Well guess what's found its way to IM...

Remember those 'end of the world virus' hoaxes? Well guess what's found its way to IM...

Instant messaging users are being blighted with an increasing number of threats of terrible viruses which are spreading via the popular peer-to-peer application. But just as email users were regular victims of hoaxes several years ago, so this latest scare is similarly fictitious.

One such hoax, propagated by well-meaning recipients who are urged to share the information with all their contacts, says there is an IM virus out there which will destroy hard drives and wipe data.

According to the hoax, somebody called will ask to be accepted onto your contacts list but once accepted the wording of the hoax claims a "horrible virus" will be unleashed.

The message comes with handy instructions for users of the Yahoo! IM application on how they can forward it to all their contacts.

Another hoax, again targeting Yahoo! users instructs all recipients to forward the IM to everybody in their contacts list or face losing their email and IM account, as part of a routine database cleansing.

Typically recipients assume 'better safe than sorry' and forward the messages, but that is when malicious hoaxes come into their own - often they are a simple ruse to bring down networks with a very basic denial of service attack.

The social engineering element is very simple, but proved highly effective with a bout of email hoaxes in 2001 and 2002. Often the fact the emails arrived from a known contact made the advice all the more compelling. Often the message to forward even begins with a statement to the effect of saying the sender has checked out the information and found it to be true.

If all Yahoo! users IM their contacts to warn of this virus and their contacts in terms IM their contacts - forwarded multiple versions of the message - the resultant traffic can be huge and potentially akin to the impact of a genuine self-propagating worm.

One recipient who forwarded the IM to her entire company and buddy list admitted that she realised her mistake with hindsight, but said when under pressure at work and an IM turned up from her boss warning about a virus and asking her to warn the rest of the company she felt immediately compelled to so. Such an IM was evidence that her boss too had already been duped.

"It's really easy to open a file only to find it is a virus, so when you get a message from your boss about a virus with some plausible sounding email addresses mentioned, it seems like a good idea to forward it on to everyone in your buddy list," she said.

"So I did and managed to start the ball rolling on a hoax - exactly as the hoaxers had planned I suppose," she added.