Application security, Compliance Management, Incident Response, Privacy, TDR, Vulnerability Management

IM malware attacks increase, report

Malicious code attacks through instant messaging services have tripled between March and April, according to a report from Akronix Systems.

The jump accompanies a boom in deployment of enterprise unified communications systems over the past few months, a fact that is unlikely to be a mere coincidence, the company said. The systems are designed to organize business communications technology onto a common internet protocol infrastructure, which often includes an IM service.

Twenty-one new malicious codes were tracked throughout April. Among the new IM worms identified were ArcServe, IMspread and QVOD. IRCBot and Tiotua were the most common worms, with three variants each.

The recent increase in malware attacks through the use of instant messaging is almost exclusively via the use of the public IM networks -- AIM, Yahoo!, MSN and GoogleTalk, Kip Quackenbush, vice president of worldwide sales at Akonix Systems told on Thursday.

“However, as the take-up of enterprise unified communications systems continues to grow, companies need to be aware that if they choose to deploy public IM gateways in these systems, the security risk is identical,” Quackenbush said.

IM worms work in much the same way as email worms do -- by tricking the user into clicking a link which infects them with a virus, according to Matt Sergeant, senior anti-spam technologist at MessageLabs.

“They then use the victim's ‘Buddy List' to IM all their friends with the exploit,” Sergeant added. “As instant messaging grows in popularity these exploits become ever more powerful and widespread.”

Get daily email updates

SC Media's daily must-read of the most current and pressing daily news

By clicking the Subscribe button below, you agree to SC Media Terms and Conditions and Privacy Policy.