Recently discovered vulnerabilities in the most popular instant messaging (IM) applications, as well as some targeted attacks via IM, are providing a glimpse of the threats to come.
Attacks on instant messaging systems still aren't as prevalent as those on email systems, and most IM attacks have been annoying worms aimed at recruiting bots or spewing spam. But newly found IM vulnerabilities indicate how lethal an IM attack could be: The AIM bug doesn't even require that the victim take any action at all to become infected.
And there are signs that the bad guys are gradually starting to use IM's rapid-fire transfer of messages as a more efficient way to spread bot infections, send spam, or conduct targeted attacks than store-and-forward email.