IM malware attacks increase, report

Share this article:
Malicious code attacks through instant messaging services have tripled between March and April, according to a report from Akronix Systems.

The jump accompanies a boom in deployment of enterprise unified communications systems over the past few months, a fact that is unlikely to be a mere coincidence, the company said. The systems are designed to organize business communications technology onto a common internet protocol infrastructure, which often includes an IM service.

Twenty-one new malicious codes were tracked throughout April. Among the new IM worms identified were ArcServe, IMspread and QVOD. IRCBot and Tiotua were the most common worms, with three variants each.

The recent increase in malware attacks through the use of instant messaging is almost exclusively via the use of the public IM networks -- AIM, Yahoo!, MSN and GoogleTalk, Kip Quackenbush, vice president of worldwide sales at Akonix Systems told SCMagazineUS.com on Thursday.

“However, as the take-up of enterprise unified communications systems continues to grow, companies need to be aware that if they choose to deploy public IM gateways in these systems, the security risk is identical,” Quackenbush said.

IM worms work in much the same way as email worms do -- by tricking the user into clicking a link which infects them with a virus, according to Matt Sergeant, senior anti-spam technologist at MessageLabs.

“They then use the victim's ‘Buddy List' to IM all their friends with the exploit,” Sergeant added. “As instant messaging grows in popularity these exploits become ever more powerful and widespread.”
Share this article:

Sign up to our newsletters

More in News

Instagram iOS and Android apps vulnerable to session hijacking

Two researchers wrote about the Instagram app for iOS and Android is vulnerable to session hijacking because both send unsecured information through HTTP.

Report: Hackers stole data from Israeli defense firms

A report by Brian Krebs detailed the intrusions, which occurred between Oct. 2011 and Aug. 2012.

Neverquest trojan targets regional banks in Japan

Symantec researchers found a new variant of the banking trojan.