IM attacks get nastier
- 30 January, 2008 22:02
Attacks on instant messaging systems continued to grow more sophisticated and dangerous in January, according to Akonix, a vendor of messaging security systems.
The company tracked 14 new attacks on IM systems in January, finding that while the number was relatively low, the attacks are getting better at targeting users.
IM attacks are a relatively recent phenomenon, but have grown drastically in number in recent months. In July Akonix said the number of threats over the past 12 months was up 78 percent on the previous year.
New IM worms identified in January include MSNChristmas, MSNVB, Perin and Raiodin, Akonix said.
Perin is one of the nastiest of the lot, spreading via a link to contacts on MSN and AIM networks and installing a backdoor server on infected machines.
"Although the number of IM attacks in January 2008 is somewhat low... we are continuing to see an increase in the intensity of malicious online activity," said Akonix vice president of marketing Don Montgomery, in a statement.
Over the past year multi-stage IM attacks have begun surfacing, delivering malicious code that in turn downloads other code, he said.
Another trend is two-stage attacks, where the second stage is the downloading of a Trojan that waits for users to log into specific banking sites to activate a key-logging program, Montgomery said.
In addition, there are multi-vector attacks where a malicious URL may be delivered by IM but propagated using email or come in via email and go out over IM. And attacks focused on consumer services AOL, MSN and Yahoo, are beginning to span networks, Akonix said.
Attacks over peer-to-peer networks are also a growing problem, Akonix said, with 14 new P2P attacks surfacing in January.
A report by network monitoring vendor Tiversa last year found contractors and U.S. government employees were sharing hundreds of secret documents on peer-to-peer networks.