IM malware attacks increase, report

Share this article:
Malicious code attacks through instant messaging services have tripled between March and April, according to a report from Akronix Systems.

The jump accompanies a boom in deployment of enterprise unified communications systems over the past few months, a fact that is unlikely to be a mere coincidence, the company said. The systems are designed to organize business communications technology onto a common internet protocol infrastructure, which often includes an IM service.

Twenty-one new malicious codes were tracked throughout April. Among the new IM worms identified were ArcServe, IMspread and QVOD. IRCBot and Tiotua were the most common worms, with three variants each.

The recent increase in malware attacks through the use of instant messaging is almost exclusively via the use of the public IM networks -- AIM, Yahoo!, MSN and GoogleTalk, Kip Quackenbush, vice president of worldwide sales at Akonix Systems told on Thursday.

“However, as the take-up of enterprise unified communications systems continues to grow, companies need to be aware that if they choose to deploy public IM gateways in these systems, the security risk is identical,” Quackenbush said.

IM worms work in much the same way as email worms do -- by tricking the user into clicking a link which infects them with a virus, according to Matt Sergeant, senior anti-spam technologist at MessageLabs.

“They then use the victim's ‘Buddy List' to IM all their friends with the exploit,” Sergeant added. “As instant messaging grows in popularity these exploits become ever more powerful and widespread.”
Share this article:
You must be a registered member of SC Magazine to post a comment.

Sign up to our newsletters


More in News

Email promises free pizza, ensnares victims in Asprox botnet instead

Email promises free pizza, ensnares victims in Asprox ...

Cloudmark came upon an email that offers free pizza, but clicking on the link to get the coupon ends with victims being ensnared in a botnet.

Report: most orgs lacking in response team, policies to address cyber incidents

In its Q3 threat intelligence report, Solutionary learned that 75 percent of organizations it assisted had no response team or policies and procedures to address cyber incidents.

Flash redirect campaign impacts Carnegie Mellon page, leads to Angler EK

Flash redirect campaign impacts Carnegie Mellon page, leads ...

Malwarebytes found that, since early July, thousands of sites had been targeted in the campaign.