News
News
9/29/2005
03:23 PM
Connect Directly
RSS
E-Mail
50%
50%

IM Networks Under Daily Attack

This quarter has brought new parent worms, and September has seen the highest number of IM attacks ever, according to security vendor Akonix.

Threats against instant messaging (IM) networks are on a roll, a security firm said Thursday as it announced that this month has the dubious honor of hosting the highest-ever number of new IM exploits.

"In Q1 and Q2 we saw a lot of IM virus variants," said David Jaros, the director of product marketing at San Diego-based Akonix. "Lots of Kelvir and Bropia variants. But in Q3 we started seeing new parent worms, and a new wave of attacks."

In September alone, Akonix tracked seven new IM viruses, Trojans, or worms, a one-month record. Among the newcomers: Mete, Parda, Simbag, and Lewor.

More troubling, said Jaros, is that IM networks are experiencing an average of at least one IM-based attack each day, and attackers are getting craftier at working social engineering angles.

"They're getting more sophisticated," said Jaros.

In August, the Kelvir.hi worm was the first to query the victim's client software to determine the language setting, then sent its baited message in one of ten different tongues. And this month saw the debut of the Mete worm, which targeted Spanish speakers. More IM worms are also spreading through P2P file-sharing networks, such as Kazaa, said Jaros.

The progression in both quantity and quality of IM malware is on the same track, albeit behind, the improvements and increased numbers of worms carried by e-mail, Jaros said. In other words, there's nothing about the trend that should surprise anyone.

"IM worms are consistent with other viruses, even to the point of how they infect and what they're after. We're seeing the same things in IM now that we've seen in the e-mail world."

Those using instant messaging to spread their creations typically send messages to all contacts recorded on a compromised machine, disguising those messages as coming from trusted friends. Links in these messages lead users to a malicious Web site, where they're infected by a Trojan horse or spyware that can take control of the computer (for sending spam or disseminating other malicious code) or stealing confidential information such as online bank access usernames and passwords.

Enterprises that don't secure their worker's access to public IM networks such as those run by AOL, Microsoft, and Yahoo are looking for trouble, he added. "It's a fact any time you provide access [to these networks]. The more you use IM the more vulnerable you are."

Like other IM security vendors, Akonix hosts a security center that lists the latest and most dangerous threats to instant messaging users.

Comment  | 
Print  | 
More Insights
The Business of Going Digital
The Business of Going Digital
Digital business isn't about changing code; it's about changing what legacy sales, distribution, customer service, and product groups do in the new digital age. It's about bringing big data analytics, mobile, social, marketing automation, cloud computing, and the app economy together to launch new products and services. We're seeing new titles in this digital revolution, new responsibilities, new business models, and major shifts in technology spending.
Register for InformationWeek Newsletters
White Papers
Current Issue
InformationWeek Tech Digest - July 22, 2014
Sophisticated attacks demand real-time risk management and continuous monitoring. Here's how federal agencies are meeting that challenge.
Flash Poll
Video
Slideshows
Twitter Feed
InformationWeek Radio
Live Streaming Video
Everything You've Been Told About Mobility Is Wrong
Attend this video symposium with Sean Wisdom, Global Director of Mobility Solutions, and learn about how you can harness powerful new products to mobilize your business potential.