IM/P2P threats surge ahead

By Bill Brenner, News Writer 06 Apr 2005 | SearchSecurity.com

Digg This!     StumbleUpon     Del.icio.us

ORLANDO, Fla. -- Here's a new reason for IT administrators to worry about all those IM and P2P programs employees are using: Attackers have used them to launch malicious code with alarming frequency since the start of the year, according to a new report from a consortium of antivirus firms and IM providers.

In its first-ever quarterly report, unveiled at the InfoSec World conference Tuesday, the IMlogic Threat Center said exploits in the first three months of 2005 surged more than 270% over the same period last year.

"The trends identified in our report will continue as IM becomes the new target for more sophisticated attacks aimed at disrupting Internet security," Jon Sakoda, chief technology officer and vice president of products for Waltham, Mass.-based IMlogic, said in a statement.

IMlogic launched the threat center last December in partnership with antivirus firms

More on IM threats Tips for securing Web-based applications IM threat service pledges cooperation IM adoption slowed by security, compatibility concerns

Symantec, Sybari, and McAfee, and IM providers America Online, Microsoft and Yahoo. It tracks and catalogues malicious exploits against IM and P2P programs, offering network managers up-to-date notification of threats and advice to mitigate them. In the first quarter the center found, among other things:

• Reports of new exploits against IM/P2P rose 271% over the same period last year;
• More than 75 unique IM/P2P-based threats and attacks, including IM-specific incidents and "blended-threats" targeting IM/P2P applications;
• 82% of reported incidents included the spread of an IM virus or worm;
• The Kelvir, Bropia, and Sumom worms were the top three most frequently detected IM infections in corporate environments; and
• Multiple cases of IM phishing and identity theft schemes were reported on consumer IM networks.

The report said more than 50% of incidents logged in the first quarter involved enterprises and small businesses using such IM applications as AOL Instant Messenger, MSN Messenger, Windows Messenger and Yahoo Messenger.

The report said users can expect things to get even worse, since IM exploits tend to involve social engineering techniques using "buddy lists" and end-user vulnerabilities as targets. The report added, "IM uses a real-time protocol which enables the rapid proliferation of IM malware, making detection, quarantine and response a challenge for corporate environments."

Tags: IM Security Issues, Risks and Tools,  VIEW ALL TAGS

Digg This!     StumbleUpon     Del.icio.us

RELATED CONTENT IM Security Issues, Risks and Tools What are effective ways to stop instant messaging (IM) spam? Secure messaging complications result in limited protection Is it possible to ban chat programs on an enterprise LAN? How to lock down instant messaging in the enterprise AOL closes AIM attack vector, but risks remain Researcher says AIM still vulnerable, AOL insists it's fixed Serious security flaw in AOL Instant Messenger Security flaws found in AOL, Yahoo IM programs Flaw found in MSN Messenger AOL, Yahoo, Trillian IM applications under threat

RELATED GLOSSARY TERMS Terms from Whatis.com − the technology online dictionary greynet  (SearchSecurity.com)

RELATED RESOURCES 2020software.com, trial software downloads for accounting software, ERP software, CRM software and business software systems Search Bitpipe.com for the latest white papers and business webcasts Whatis.com, the online computer dictionary