Assiral.A. This simple mass-mailing worm arrives as a Windows 32-bit executable that deletes files and modifies Internet Explorer homepage settings.
Bizex. The main component of this worm, which attacks ICQ systems, has spying and data-stealing capabilities. Bizex spreads by sending a hyperlink to a victim's contacts. Clicking on the link sends them to a Web page that uploads the worm.
Bropia. This worm and its variants, including Kelvir and Serflog, spread via MSN Messenger. They copy themselves into a Windows system directory, download more malware onto the victim's computer, and reduce system security. Some variants hide on a PC, only to re-emerge at a later date.
Buddypicture. The attack by this Trojan, which affects AIM systems, starts with an instant message that includes a hyperlink to a Web site supposedly featuring pictures of the purported sender, whose name was on the victim's contact list. The message asks the victim to download an applet first. If downloaded, the applet uploads adware and spyware to victims' computers.
Gabby.a. The Gabby worm attacks AOL's AIM and ICQ systems by sending recipients a hyperlink and tricking them into clicking on it. Victims then get to a Web page that uploads spyware, as well as a worm that opens a backdoor to the machine and eliminates Windows services such as those used with antivirus and firewall software.
Kelvir. This worm spreads by sending a hyperlink to MSN Messenger users with messages such as "Hey, check this out" or "LOL, this is a funny picture of me." Users who click on the link go to a Web page that uploads the virus to their computers. Kelvir then spreads via victims' buddy lists.
The worm can turn computers into spam broadcasters, log keystrokes such as those in user names and passwords, and e-mail the information to hackers.
Kelvir recently shut down international media company Reuters' proprietary, closed, 6,000-user IM system, which is based on Microsoft technology.