The volume of security threats targeting instant messaging (IM) systems rocketed in October 2005 by more than 1,500 percent versus October 2004. The month’s threat volume was also 30 percent higher than the previous month, new research has warned.
According to the report from IMlogic Threat Center, as the number of threats grew, the payload carried by IM worms evolved to become more malicious. More than 60 percent of the worms identified in October delivered malware capable of disabling existing desktop security software, operating without end-user knowledge and undermining traditional antivirus detection and protection capabilities.
Some 87 percent of all unique IM threats were identified as worms, while 12 percent were viruses and 1 percent were client vulnerabilities.
During the first nine months of 2005, 62 percent of all IM threats were found to target MSN, while 31 percent targeted AOL and 7 percent targeted Yahoo. However, in October there was a marked increase in attacks against AOL, which was afflicted by some 66 percent of new IM threats discovered during the month.
IMlogic Threat Center noted that nearly all – 99 percent – of all threat activity relied on social engineering to deliver payload. It added that traditional antivirus signature files were available for just 6 percent of reported threats at the time of first detection.
The October monthly report reinforces the findings of the IMlogic Threat Center Q3 2005 report, which detailed a more-than-2,000-percent increase in reported attacks during the first nine months of the year.
"The alarming prospect of IM threats that disable virus-protection software is a wake up call to enterprises to put additional protection in place for defense-in-depth," said Jon Sakoda, IMlogic chief technology officer.
"The significant rise in IM virus and worm activity, coupled with the development of increasingly sophisticated IM threats, requires organizations to adopt a comprehensive security strategy for IM and real-time applications."
The IMlogic Threat Center has strategic partnerships with internet security firms Symantec, Sybari and McAfee, Postini and global instant messaging providers America Online, Microsoft and Yahoo!