On November 16th, I lamented AOL's recent addition of AIM bots to their service. It appears that these bots have paved the way to even worse bots: bots that use social engineering to help spreads viruses sent through malicious links. No longer will a compromised system just send you links that download viruses, now they can respond to you, including assuring you that the link that they just sent is not a virus. If you're interested, here's the full story at eWeek.
As the lines between humans and bots continues to blur, social engineering attacks will become more and more common and, I'm afraid, more and more successful. There are many people out there who are still too trusting of their computers, and too many companies not doing enough about it. The question I have is: what will AOL do now to help stop the spread of viruses from these malicious--and now responsive--bots?
I think I find the IM that it sends back to reassure the user to be a little funny: "lol no its not its a virus." ok, lets add some commas, "lol, no its not, its a virus." So the bot is telling its users, "Hey, click the link, its a virus, comeon it'll be fun, everyone's doing it."