The company is referring to the worm as Palevo, a name previously used by Symantec for a worm in July 2009. The current worm has been dubbed Yimfoca by Symantec.
Instant messaging users are warned against opening links in incoming messages without checking that they were intentionally sent.
An example provided by BitDefender shows a link to what purports to be a photo but is actually an executable program that installs the Palevo/Yimfoca worm. If the recipient attempts to open the 'photo' - Boom! Pwned!
Apart from spreading itself, the worm provides backdoor access to infected systems, steals login credentials from Firefox and Internet Explorer, and infects various peer-to-peer applications including eMule and LimeWire.
What's the easiest way of avoiding this piece of malware? Please read on.
"It's worthwhile to double-check the legitimacy of the message with the sender before opening a link, in order to confirm whether they had purposely sent the message themselves," added Cosoi.
Or as Symantec's Mircea Ciubotariu puts it, "Many times becoming a victim can be avoided just by asking the contact who sent the link whether it's real or not."
According to a BitDefender spokesperson, Palevo is most active in countries including Romania, Indonesia and Mongolia.
Palevo/Yimfoca is detected by various antivirus programs. Or you can run an operating system other than Windows.