IM-based attacks getting more notorious

Instant messaging (IM) is posing a big risk to enterprise users and consumers, according to IMlogic, which claims that IM attacks have grown a staggering 2747% in Q2 2005 over Q2 2004.

  • E-Mail
By  Caroline Denslow Published  July 17, 2005

Instant messaging (IM) is posing a big risk to enterprise users and consumers, according to IMlogic, which claims that IM attacks have grown a staggering 2747% in Q2 2005 over Q2 2004. The instant messaging vendor has reported that IM attacks, such as viruses, worms and phishing scams have grown from 20 for the year 2004 to 571 in the second quarter of 2005 alone. More than 70% of externally reported incidents to the IMlogic Threat Center in Q2 2005 were attributed to enterprises and small businesses utilising popular IM applications such as AOL Instant Messenger, MSN Messenger, Windows Messenger, and Yahoo! Messenger. Eighty-six percent of reported incidents include IM virus or worm propagation, 13% are known to hijack IM file transfer capability, and 1% of reported incidents utilise known client vulnerabilities. The top three most frequently detected IM infections in corporate environments were Kelvir, Opanki, and Gabby worms, the study said. “The unprecedented increase in the number of threats and the emerging sophistication of IM attacks will continue to create disruption within IT organisations,” said IMlogic chief technology officer and vice president of products Jon Sakoda. The widespread use of IM has made it a popular target for hackers and virus writers who wish to exploit the opportunities presented by security attacks, said IMlogic. IM attacks are similar to most e-mail worms and viruses, which are meant to either steal information from a user’s PC or convert a PC into a so-called zombie by tricking users into clicking on phoney links or into opening malicious attachments. However, the company warns that IM attacks can be more threatening because people receive false instant messages from a name on their buddy list rather than a strange e-mail address. IM-borne attacks will continue to proliferate and as such, IMlogic is encouraging users to keep their operating system patches and anti-virus software updated, and to exercise caution when using embedded links or file transfer capabilities over the IM channel. The study was conducted in collaboration with IT security companies Symantec, McAfee and Sybari, as well as IM players America Online, Yahoo and Microsoft.

Add a Comment

Your display name This field is mandatory

Your e-mail address This field is mandatory (Your e-mail address won't be published)

Security code