Study: Threat Increases From IM-Based Attacks

Study: Threat Increases From IM-Based Attacks

offline
  • Pridružio: 20 Feb 2005
  • Poruke: 4505
  • Gde živiš: planeta Zemlja

Instant messaging called "the undefended medium."

Peter Saalfield, IDG News Service
Tuesday, July 05, 2005

A study released today by instant messaging security vendor IMlogic reported that hackers and virus writers are recognizing and exploiting the opportunities presented by IM-based attacks, the numbers of which have risen sharply over the last two quarters.

The number of IM attacks such as viruses, worms, and phishing scams has increased from 20 for all of 2004 to 571 in the second quarter of 2005 alone, representing an increased threat to both enterprise users and the average consumer, the study said.

The study--performed by the IMlogic Threat Center with the support of IT security companies Symantec, McAfee, and Sybari, as well as IM leaders America Online, Yahoo, and Microsoft--reported that 70 percent of IM-based attacks target public IM networks and 30 percent target enterprises.

"IM usage has reached critical mass, and virus writers have now recognized it as a mostly undefended medium," said IMlogic Chief Executive Officer and cofounder Francis deSouza. "These [viruses and worms] are mutating, high-velocity, and invisible to most companies until they hit. All these factors combine to create a serious risk."

IMlogic sells products that protect against IM-based attacks, as do Akonix Systems and Trend Micro.

How Attacks Happen

IM attacks act much like e-mail worms and viruses, stealing information from the user's computer or turning that computer into a so-called zombie by tricking users into clicking on phony links or into opening malicious attachments. IM-based attacks can be even more threatening because people receive false instant messages from a name on their buddy list rather than a strange e-mail address, DeSouza said.

"Having an army of zombies is the economic equivalent of having an oil well," said analyst Alan Paller of SANS Institute. "The two most important things [for a user] to do are block all attachments on IM and to filter IM traffic so you only get it from trusted sites."

The Kelvir, Opanki, and Gabby worms were the most common in corporate environments, the study said.

Most IM Services Vulnerable

Some attacks are tailored to a specific user and appear to be, for instance, a highly personalized message. The study said that these attacks made up less than one percent of the recorded IM attacks. For the most part IM attackers aren't sophisticated enough to single out any one user, Paller said. However rare "targeted" attacks may be, Paller emphasized that they are the most dangerous.

The vast majority--86 percent--of reported attacks involved viruses or worms that capitalize on real-time protocols. The study showed that all of the most successful IM services--AOL Instant Messenger, MSN Messenger, Windows Messenger, and Yahoo Messenger--were vulnerable to and affected by IM attacks.


================
preuzeto sa: http://www.pcworld.com/news/article/0,aid,121711,00.asp



Registruj se da bi učestvovao u diskusiji. Registrovanim korisnicima se NE prikazuju reklame unutar poruka.
Ko je trenutno na forumu
 

Ukupno su 715 korisnika na forumu :: 1 registrovan, 0 sakrivenih i 714 gosta   ::   [ Administrator ] [ Supermoderator ] [ Moderator ] :: Detaljnije

Najviše korisnika na forumu ikad bilo je 3466 - dana 01 Jun 2021 17:07

Korisnici koji su trenutno na forumu:
Korisnici trenutno na forumu: Boris90