Home / Security threat to IM set to increase

Security threat to IM set to increase

More messaging features mean more ways for hackers to access data, Trend Micro claims

INSTANT messaging (IM) attacks are only going to get worse as exploit code becomes more readily available online, security giant Trend Micro warned this month.

“Scamming for information is as old as gossip,” said Justin Doo, regional director for Trend Micro Middle East and North Africa (MENA). “Now it is technology that defines how it is done. These days, phishing for credit card details or log-in access has moved from the most common technologies — such as e-mail and web pages — to instant messaging,” he added.

With IM now taking place using different forms of technology, such as on PCs, between smartphones and via WiFi, the means by which it can be attacked are growing, the company warned.

“The yearly roundups and forecasts show that interest in IM was previously tentative because of its limited capability,” said Doo. “Now that IM has richer features, and given the trend of malware today, IM attacks will be here to stay, and will grow until specific security measures are implemented both technology-wise and by users,” he went on to say.

According to Trend Micro’s own research, there are now between 90 and 100 different malware variants that are spread via IM. Trend Micro warns that worm variants such as Kelvir, Agobot and Bropia can also be spread via IM as well as being spread via attachments to e-mail messages.

The worms have the option to make use of a number of unpatched vulnerabilities since exploit code is readily available to malware authors on the internet — this means, according to Trend Micro, that IM threats are likely to increase.

“Because we live in a world where information is key, and because IM is quicker in message delivery than e-mail, the growing popularity of online chat communities and discussion groups exposes users to an ever growing number of possible contacts,” Doo commented.

Doo said he believed attacks on IM will increase in sophistication and that IM malicious code would make itself harder to detect by mutating several of the elements that security systems use to identify it.

“To protect yourself, make sure you use powerful anti-virus and anti-spyware products, and keep them up to date with the latest pattern files,” Doo said.

“Additionally do not click on suspicious links or download dubious files,” he added.

Follow us to get the most comprehensive technology news in UAE delivered fresh from our social media accounts on Facebook, Twitter, Youtube, and listen to our Weekly Podcast. Click here to sign up for our weekly newsletter on curated technology news in the Middle East and Worldwide.

REGISTER NOW | Webinar Event | Security you can bank on – Safeguarding the Middle East’s financial sector

Presented in partnership with security and network specialist Cybereason, the second in the three part webinar series will bring together a panel of experts to discuss how banks and financial institutions are evolving their service offering while simultaneously staying one step ahead of the cyber criminals who seek to bring their operations crashing to the ground.