IM Threats Growing 50% Per Month - InformationWeek

InformationWeek is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

IoT
IoT
News

IM Threats Growing 50% Per Month

A threat center devoted to instant-messaging hacks put numbers to what IM users already know: IM threats are on the upswing.

As three more worms targeted Microsoft's MSN Messenger Tuesday, a threat center devoted to instant messaging hacks released detailed statistics that put numbers to what IM users already know: instant message threats are on the upswing.

According to the IMlogic Threat Center, a coordinated effort by several vendors, including IMlogic, McAfee, Symantec, and Sybari Software, IM and P2P exploits have exploded in 2005, and have grown 50 percent each month thus far.

"IM viruses and worms are growing exponentially," said IMlogic chief technology officer Jon Sakoda, in a statement.

The threat center has warned of more than 30 widespread incidents of IM or P2P viruses, worms, or other malicious code thus far in 2005, said Sakoda, with the bulk--81 percent--of them aimed at instant messengers.

Seven out of ten attacks put MSN Messenger, Windows Messenger, and the MSN IM network in the crosshairs, reported the center, while Yahoo and AOL have been the target of just 18 and 12 percent of the attacks, respectively.

The disparity between MSN Messenger and other instant messaging clients continued to grow Tuesday, as three more anti-MSN Messenger worms appeared.

Two new variants for the Kelvir and one for Sumon (also called Serflog by some anti-virus vendors, and even Fatso by others) have debuted since Monday's news of a wave of IM worms hitting Microsoft's client and public IM network.

Like earlier iterations, Kelvir.c and Kelvir.d entice MSN Messenger users to click on a link, which in turn takes them to a malicious site where the code--a version of the Spybot worm--is downloaded to their system, opening it up for attack or hijacking by spammers.

Kelvir.c uses the phrase "hot pic!!" along with a link, while Kelvir.d uses "haha look at us" as its come-on. Kelvir spreads by sending itself to everyone on the compromised MSN Messenger's contact list.

Sumon.b, very similar to its predecessor, Sumon, propagates over the eMule peer-to-peer file-sharing network as well as MSN Messenger, disables a long list of security software, and tries to overwrite the HOSTS file so commonly accessed security Web sites can't be reached. Its hallmarks are IMs reading "My new photo!" and "The Cat And The Fan," along with malicious links that download the worm.

Also on the IM worm front, Finnish security firm F-Secure reported Tuesday that its analysis of Sumon.a showed an embedded message to the author of the Assiral worm, a mass-mailed worm from late last month that, among other things, tried to kill copies of the IM-oriented Bropia worm it found.

"The message is quite rude and blasts Assiral's author for trying to eliminate Bropia worm infection by creating a new worm," said F-Secure's warning of Sumon on its security team's blog. "I really hope we're not going to see another War of the Worms like the Bagle-Netsky-MyDoom war last year," added the analyst, Mikko Hypponen, the manager of the company's anti-virus research efforts, in the blog.

In early 2004, a tit-for-tat battle raged among the authors of the Bagle, Netsky, and MyDoom worms, with each new version trying to eradicate rivals. The war, which was waged for several weeks, was one reason why the first three months of last year were among the most virus-plagued ever, most security firms have said.

We welcome your comments on this topic on our social media channels, or [contact us directly] with questions about the site.
Comment  | 
Print  | 
More Insights
State of the Cloud
State of the Cloud
Cloud has drastically changed how IT organizations consume and deploy services in the digital age. This research report will delve into public, private and hybrid cloud adoption trends, with a special focus on infrastructure as a service and its role in the enterprise. Find out the challenges organizations are experiencing, and the technologies and strategies they are using to manage and mitigate those challenges today.
News
COVID-19: Using Data to Map Infections, Hospital Beds, and More
Jessica Davis, Senior Editor, Enterprise Apps,  3/25/2020
Commentary
Enterprise Guide to Robotic Process Automation
Cathleen Gagne, Managing Editor, InformationWeek,  3/23/2020
Slideshows
How Startup Innovation Can Help Enterprises Face COVID-19
Joao-Pierre S. Ruth, Senior Writer,  3/24/2020
Register for InformationWeek Newsletters
Video
Current Issue
IT Careers: Tech Drives Constant Change
Advances in information technology and management concepts mean that IT professionals must update their skill sets, even their career goals on an almost yearly basis. In this IT Trend Report, experts share advice on how IT pros can keep up with this every-changing job market. Read it today!
White Papers
Slideshows
Twitter Feed
Sponsored Live Streaming Video
Everything You've Been Told About Mobility Is Wrong
Attend this video symposium with Sean Wisdom, Global Director of Mobility Solutions, and learn about how you can harness powerful new products to mobilize your business potential.
Sponsored Video
Flash Poll