An increase in the number of instant messenging (IM) viruses marks the start of a new war between virus writers, according to a virus expert.
"We have recently seen several IM viruses and worms containing taunts to other virus writers and each one is trying to remove the others," said Mikko Hypponen, director of anti-virus research at F-Secure.
Two new variants of the Bropia worm have been spotted in the wild in the last week. Hypponen said the Assiral worm, also on the loose, tries to remove these variants. Another worm, called Sumom, tries to remove Assiral and makes a number of derogatory remarks about the writer of that worm.
According to another expert, the virus writers are using social engineering techniques to propagate these viruses and are targeting users of Microsoft's Instant Messenging application.
"The vast majority of IM worms currently make use of MSN and they normally 'arrive' as a weblink to a picture, which of course isn't a picture but an executable," said Roel Schouwenberg, senior research engineer at Kaspersky in the company's weblog. "Paris Hilton has the been subject for these IM worms quite a lot of times, along with other topics."
Eric Chien, chief researcher at Symantec Security Response said prior to this year there was only about one IM-related virus a year, but the recent surge is a cause for concern.
"We are just at the beginning of a war between virus writers," he said. Chien added that things could get a lot worse "if the virus writers respond to each other's taunts." He said the same thing happened between the authors of the Netsky, Bagle and MyDoom viruses when new variants appeared on a regular basis with fresh insults.
Hypponen said the viruses had a weak point as they pointed to websites that downloaded their malicious payload. He said F-Secure had been in contact with ISPs to remove these websites.
"Once we take down these websites we save the whole world," he added.
As reported in SC Magazine here a number of worms and viruses have used Paris Hilton as a cover to unleash trouble on unsuspecting users.