IM/P2P threats surge ahead

Article

IM/P2P threats surge ahead

ORLANDO, Fla. -- Here's a new reason for IT administrators to worry about all those IM and P2P programs employees are using: Attackers have used them to launch malicious code with alarming frequency since the start of the year, according to a new report from a consortium of antivirus firms and IM providers.

In its first-ever

    Requires Free Membership to View

    Login

    SearchSecurity.com members gain immediate and unlimited access to breaking industry news, virus alerts, new hacker threats, highly focused security newsletters, and more -- all at no cost. Join me on SearchSecurity.com today!

    Michael S. Mimoso, Editorial Director

    By submitting your registration information to SearchSecurity.com you agree to receive email communications from TechTarget and TechTarget partners. We encourage you to read our Privacy Policy which contains important disclosures about how we collect and use your registration and other information. If you reside outside of the United States, by submitting this registration information you consent to having your personal data transferred to and processed in the United States. Your use of SearchSecurity.com is governed by our Terms of Use. You may contact us at webmaster@TechTarget.com.

quarterly report, unveiled at the InfoSec World conference Tuesday, the IMlogic Threat Center said exploits in the first three months of 2005 surged more than 270% over the same period last year.

"The trends identified in our report will continue as IM becomes the new target for more sophisticated attacks aimed at disrupting Internet security," Jon Sakoda, chief technology officer and vice president of products for Waltham, Mass.-based IMlogic, said in a statement.

IMlogic launched the threat center last December in partnership with antivirus firms

More on IM threats

Tips for securing Web-based applications

IM threat service pledges cooperation

IM adoption slowed by security, compatibility concerns
Symantec, Sybari, and McAfee, and IM providers America Online, Microsoft and Yahoo. It tracks and catalogues malicious exploits against IM and P2P programs, offering network managers up-to-date notification of threats and advice to mitigate them. In the first quarter the center found, among other things:
  • Reports of new exploits against IM/P2P rose 271% over the same period last year;
  • More than 75 unique IM/P2P-based threats and attacks, including IM-specific incidents and "blended-threats" targeting IM/P2P applications;
  • 82% of reported incidents included the spread of an IM virus or worm;
  • The Kelvir, Bropia, and Sumom worms were the top three most frequently detected IM infections in corporate environments; and
  • Multiple cases of IM phishing and identity theft schemes were reported on consumer IM networks.

The report said more than 50% of incidents logged in the first quarter involved enterprises and small businesses using such IM applications as AOL Instant Messenger, MSN Messenger, Windows Messenger and Yahoo Messenger.

The report said users can expect things to get even worse, since IM exploits tend to involve social engineering techniques using "buddy lists" and end-user vulnerabilities as targets. The report added, "IM uses a real-time protocol which enables the rapid proliferation of IM malware, making detection, quarantine and response a challenge for corporate environments."