An anonymous reader writes, "There's a new Instant Messaging worm in the wild that is taking the idea of Botnet clickfraud up a level. It trades in automated drones (prone to malfunction and detection) for real live people who (of course) have the option of not actually clicking anything, thus theoretically making their clicks harder to identify as 'fraudulent.' This IM attack doesn't even need a victim to physically run anything to become infected — simply visiting a certain site in Internet Explorer will cause the files to download and start sending infection messages. At this point, their homepage is changed to a site using Mesothelioma (a rare form of cancer) to ring up high-paying results on the perpetrators' Google ads. As the researcher who discovered the infection notes, 'It's way, way harder to trace some random boob who has a ton of (partially) unconnected people shunting IM links all over the place. Try staying anonymous as a Botnet owner who just had the entire details of his server splattered across the net by Shadowserver. What will be interesting to see is if some of the smaller Botnet guys ditch their technical woes and jump on the much-easier-to-maintain IM bandwagon to get their clickfraud kicks.'"