IM malware attacks increase, report

Share this article:
Malicious code attacks through instant messaging services have tripled between March and April, according to a report from Akronix Systems.

The jump accompanies a boom in deployment of enterprise unified communications systems over the past few months, a fact that is unlikely to be a mere coincidence, the company said. The systems are designed to organize business communications technology onto a common internet protocol infrastructure, which often includes an IM service.

Twenty-one new malicious codes were tracked throughout April. Among the new IM worms identified were ArcServe, IMspread and QVOD. IRCBot and Tiotua were the most common worms, with three variants each.

The recent increase in malware attacks through the use of instant messaging is almost exclusively via the use of the public IM networks -- AIM, Yahoo!, MSN and GoogleTalk, Kip Quackenbush, vice president of worldwide sales at Akonix Systems told SCMagazineUS.com on Thursday.

“However, as the take-up of enterprise unified communications systems continues to grow, companies need to be aware that if they choose to deploy public IM gateways in these systems, the security risk is identical,” Quackenbush said.

IM worms work in much the same way as email worms do -- by tricking the user into clicking a link which infects them with a virus, according to Matt Sergeant, senior anti-spam technologist at MessageLabs.

“They then use the victim's ‘Buddy List' to IM all their friends with the exploit,” Sergeant added. “As instant messaging grows in popularity these exploits become ever more powerful and widespread.”
Share this article:

Sign up to our newsletters

More in News

Brazilian president signs internet 'Bill of Rights' into law

Brazilian president signs internet 'Bill of Rights' into ...

President Dilma Rousseff signed the legislation on Wednesday at the NetMundial conference in Sao Paulo.

Android trojan sends premium SMS messages, targets U.S. users for first time

Android trojan sends premium SMS messages, targets U.S. ...

An SMS trojan for Android, known as FakeInst, has been observed sending premium SMS messages to users all over the world, including, for the first time, the United States.

Report: DDoS up in Q4 2013, vulnerability scanners leveraged to exploit sites

Report: DDoS up in Q4 2013, vulnerability scanners ...

Researchers observed 346 DDoS attacks in the final quarter of 2013 and attackers used Vega and Skipfish vulnerability scanners to exploit web flaws at financial companies.