Complex IM worm infects Yahoo! Messenger and Skype users
Written by Terence Sequeira
Sunday, 09 May 2010 05:30

A new worm is targeting instant messaging users. 
Spotted on Yahoo! Messenger and Skype, the attacks use sophisticated social engineering techniques to trick users into infecting themselves.

It is quickly spreading via Web links to fake images. Users who fall victim to this threat have an IRC botnet client installed on their computers.

The messages used to lure potential victims are more enticing and vary with each attack. "Does my new hair style look good? bad? Perfect? ;)" or "My printer is about to be thrown through a window if this pic won't come our right. You see anything wrong with it?" are just two examples. Also, the spammed image URLs end in an actual .jpg extension and point to a RapidShare lookalike website called tinyfilehost.com.

Hitting the download button on the page prompts the download of an archive file called NewPhoto024.JPG.zip. 
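Inside the archive, there is a .COM MS-DOS executable file deceptively called NewPhoto024.JPG_www.tinyfilehost.com, which installs a backdoor. The name reads like an image followed by a website address, but its final extension, .com, is what makes it an executable.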
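As an added example (not part of the original article), the Python code below checks the member names of a zip archive for the naming trick described above: an image extension embedded in the name while the final extension is an executable one. The extension lists, the function names and the benign sample entries are assumptions of this example; only the file name NewPhoto024.JPG_www.tinyfilehost.com comes from the article.

```python
import io
import re
import zipfile

# Extensions Windows runs directly (illustrative subset, an assumption of this example).
EXECUTABLE_EXTS = {".com", ".exe", ".scr", ".pif", ".bat", ".cmd"}
# An image extension that appears before the real (final) extension.
IMAGE_HINT = re.compile(r"\.(jpe?g|png|gif|bmp)(?=[._\-\s])", re.IGNORECASE)


def real_extension(name):
    """Return the final extension, lowercased, ignoring trailing dots and spaces."""
    base = name.replace("\\", "/").rsplit("/", 1)[-1].rstrip(". ")
    dot = base.rfind(".")
    return base[dot:].lower() if dot > 0 else ""


def is_disguised_executable(name):
    """True when a name looks like an image but ends in an executable extension."""
    return real_extension(name) in EXECUTABLE_EXTS and bool(IMAGE_HINT.search(name))


def suspicious_members(zip_bytes):
    """List archive members whose names disguise an executable as an image."""
    with zipfile.ZipFile(io.BytesIO(zip_bytes)) as zf:
        return [n for n in zf.namelist() if is_disguised_executable(n)]


def build_sample_zip(names):
    """Constructed sample: an in-memory zip with harmless placeholder contents."""
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as zf:
        for n in names:
            zf.writestr(n, b"placeholder")
    return buf.getvalue()


if __name__ == "__main__":
    sample = build_sample_zip([
        "NewPhoto024.JPG_www.tinyfilehost.com",  # name reported in the article
        "holiday.jpg",                           # constructed benign entry
        "notes.txt",                             # constructed benign entry
    ])
    print(suspicious_members(sample))
```

The same name check can be applied to attachments or downloads at a mail or web gateway before a user ever opens the archive.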

Users are advised to exercise increased caution when choosing to open links received from their friends and, as always, connect to the Internet with a capable and up-to-date antivirus product installed.

Ref: http://news.softpedia.com/news/Complex-IM-Worm-Infects-Yahoo-Messenge...