Instead of the usual Internet browser or e-mail targets, hackers may be taking aim first at instant messaging networks. One security research outfit on Wednesday reported the highest monthly total ever of new IM viruses.
According to the Q3 Threat Report by San Diego-based Akonix Systems Inc., a messaging security developer, some 25 viruses were reported on IM networks during September alone.
“Weve been tracking viruses for about a year and a half now,” David Jaros, Akonix director of product marketing, told Ziff Davis Internet.
“We started doing this report about four months ago. What were seeing is that there could be a new phase of IM viruses emerging. In the past, IM viruses were variants of e-mail-borne viruses. Thats not exclusively the case anymore.”
Jaros said that his companys research demonstrates that there is an average of at least one IM virus attack being conducted every day now.
“Any organization with an IM network is exposed to attack,” said Jaros.
Old viruses are still morphing and being revamped to attack IM networks, he said.
But researchers at the companys security center say hackers are using IM to take over PCs and carry out zombie-style attacks.
Typically, they will commandeer a PC, and then use the buddy list to send out IM messages packed with viruses and links to Trojan horses.
The group encountered 25 IM virus attacks in September.
That was down a bit from the 47 attacks seen in August, Jaros told Ziff Davis Internet.
The viruses, and attacks, are discerned through collaboration with public IM networks, other software vendors and customers.
According to Gideon Stein, the chief executive officer of New York-based IM security vendor Omnipod Inc., many corporate customers now complain about the lack of security on instant messaging networks.
“This is on AOL, MSN and Yahoo,” Stein told Ziff Davis Internet.
Stein said a solution is to route IM over a proprietary network, created to “strip out” the viruses before they reach PCs in the enterprise.
“People need to get off the consumer platforms,” said Stein. “IM is mission-critical now. You cant rely on consumer networks to provide enterprise-level security.”
New IM viruses identified during the last month by Akonix were Mete, Parda, Simbag and Lewor.
These viruses represent the “latest” wave of attacks of IM.
Last month, researchers discovered that an IM-delivered virus queried the configuration of the client software to determine the language used to send the next message.
The Mete worm, consequently, was delivered in Spanish, Jaros said.
In addition, peer-to-peer networks, such as Kazaa and eDonkey, are also increasingly facing IM attacks, with the total rising 9 percent last month, according to Akonix.
