Close
  • Latest News
  • Big Data and Analytics
  • Cloud
  • Networking
  • Cybersecurity
  • Applications
  • IT Management
  • Storage
  • Sponsored
  • Mobile
  • Small Business
  • Development
  • Database
  • Servers
  • Android
  • Apple
  • Innovation
  • Blogs
  • PC Hardware
  • Reviews
  • Search Engines
  • Virtualization
Read Down
Sign in
Close
Welcome!Log into your account
Forgot your password?
Read Down
Password recovery
Recover your password
Close
Search
Logo
Logo
  • Latest News
  • Big Data and Analytics
  • Cloud
  • Networking
  • Cybersecurity
  • Applications
  • IT Management
  • Storage
  • Sponsored
  • Mobile
  • Small Business
  • Development
  • Database
  • Servers
  • Android
  • Apple
  • Innovation
  • Blogs
  • PC Hardware
  • Reviews
  • Search Engines
  • Virtualization
More
    Home Cybersecurity
    • Cybersecurity

    Instant Messaging: A New Front in the Malware War

    By
    Paul F. Roberts
    -
    May 23, 2005
    Share
    Facebook
    Twitter
    Linkedin

      The recent appearance of the Oscabot-F IM worm is the latest in a series of increasingly serious attacks affecting instant messaging networks, a trend that is forcing IT managers to choose between banning the popular chat technology and opening their networks to a host of IM-borne worms and viruses.

      Attacks against major IM networks rose 400 percent last quarter, when there were 25 major IM attacks, compared with five in the same quarter last year, according to figures compiled by IM security vendor Akonix Systems Inc., in San Diego.

      Anti-virus company Symantec Corp. has also seen a sharp rise in high-profile threats that spread over IM and peer-to-peer networks, said Vincent Weafer, senior director of Symantec Security Response, in Cupertino, Calif.

      Oscabot-F is typical of new threats aimed at IM. That worm spreads through America Online Inc.s AOL Instant Messenger client.

      AIM users receive an instant message that reads “lol have you seen this?” and seems to come from an AIM contact.

      Clicking on a link in the message downloads and installs the Oscabot-F worm onto the victims computer and sends identical messages to all the victims AIM buddies.

      IM worms behave like e-mail worms in many ways. However, unlike e-mail clients, IM clients such as AIM and MSN Messenger are designed to be flexible, or “port agile,” when trying to communicate with their host networks.

      IM users whose communications are blocked by a corporate firewall can configure some IM clients to communicate via port 80, which is used for HTTP traffic and commonly left open on firewalls. This can make it more difficult for administrators to block IM use on their networks.

      /zimages/4/28571.gifColumnist Larry Seltzer offers suggestions on how to avoid mail worms. Click here to read more.

      The growing adoption of IM in the enterprise and the growing number of IM threats may pressure messaging security vendors to support IM security as well, said John Pescatore, an analyst at Gartner Inc., of Stamford, Conn.

      Secure messaging gateways that consolidate SMTP traffic, Web-based e-mail traffic and IM, as well as firewall and intrusion prevention features, are the right medicine for evolving threats such as IM worms and viruses, he said.

      Adding to the problem is that IM clients have bulked up in recent years and now support a host of features, such as file transfer, that can pose a serious risk to security- and privacy-conscious organizations, said Rex Voorheis, senior manager of network infrastructure at Crowe Chizek and Co. LLC, an accounting firm in Grand Rapids, Mich.

      Crowe Chizek last year debuted IM as an internal tool using IBMs Lotus Sametime. The company supports public IM clients such as MSN Messenger and AIM.

      The companys clients requested IM to coordinate with their consultants. Crowe Chizek works with a number of large financial institutions, which typically have stringent security policies on IM use, and purchased IM security technology from FaceTime Communications Inc. so it could block IM file transfers and audit IM use, Voorheis said.

      The firm hasnt been hit by any IM worms yet.

      Experts say the number of IM threats is still comparatively small—Symantec counted 50 last quarter, a fraction of the more than 2,000 unique Windows threats in that quarter—but Voorheis sees them as an evolving problem.

      /zimages/4/28571.gifRead more here about researchers proposed worm early-warning system.

      Slither

      Long a malicious code oddity, IM-based worms and viruses are becoming more common

      * Oscabot-E (May 05) A worm that targets users of AOL Instant Messenger

      * Kelvir (Feb 05) An IM worm spread through Microsofts Windows Messenger and MSN Messenger

      * Bropia (Jan 05) An IM worm that monitors MSN Messenger conversations and displays text and links to sites with malicious code

      * MyDoom Some variants spread via ICQ IM network

      /zimages/4/28571.gifCheck out eWEEK.coms for the latest security news, reviews and analysis. And for insights on security coverage around the Web, take a look at eWEEK.com Security Center Editor Larry Seltzers Weblog.

      Paul F. Roberts

      MOST POPULAR ARTICLES

      Cybersecurity

      Visa’s Michael Jabbara on Cybersecurity and Digital...

      James Maguire - May 17, 2022 0
      I spoke with Michael Jabbara, VP and Global Head of Fraud Services at Visa, about the cybersecurity technology used to ensure the safe transfer...
      Read more
      Big Data and Analytics

      Alteryx’s Suresh Vittal on the Democratization of...

      James Maguire - May 31, 2022 0
      I spoke with Suresh Vittal, Chief Product Officer at Alteryx, about the industry mega-shift toward making data analytics tools accessible to a company’s complete...
      Read more
      Big Data and Analytics

      GoodData CEO Roman Stanek on Business Intelligence...

      James Maguire - May 4, 2022 0
      I spoke with Roman Stanek, CEO of GoodData, about business intelligence, data as a service, and the frustration that many executives have with data...
      Read more
      Applications

      Cisco’s Thimaya Subaiya on Customer Experience in...

      James Maguire - May 10, 2022 0
      I spoke with Thimaya Subaiya, SVP and GM of Global Customer Experience at Cisco, about the factors that create good customer experience – and...
      Read more
      Cloud

      Yotascale CEO Asim Razzaq on Controlling Multicloud...

      James Maguire - May 5, 2022 0
      Asim Razzaq, CEO of Yotascale, provides guidance on understanding—and containing—the complex cost structure of multicloud computing. Among the topics we covered:  As you survey the...
      Read more
      Logo

      eWeek has the latest technology news and analysis, buying guides, and product reviews for IT professionals and technology buyers. The site’s focus is on innovative solutions and covering in-depth technical content. eWeek stays on the cutting edge of technology news and IT trends through interviews and expert analysis. Gain insight from top innovators and thought leaders in the fields of IT, business, enterprise software, startups, and more.

      Facebook
      Linkedin
      RSS
      Twitter
      Youtube

      Advertisers

      Advertise with TechnologyAdvice on eWeek and our other IT-focused platforms.

      Advertise with Us

      Menu

      • About eWeek
      • Subscribe to our Newsletter
      • Latest News

      Our Brands

      • Privacy Policy
      • Terms
      • About
      • Contact
      • Advertise
      • Sitemap
      • California – Do Not Sell My Information

      Property of TechnologyAdvice.
      © 2021 TechnologyAdvice. All Rights Reserved

      Advertiser Disclosure: Some of the products that appear on this site are from companies from which TechnologyAdvice receives compensation. This compensation may impact how and where products appear on this site including, for example, the order in which they appear. TechnologyAdvice does not include all companies or all types of products available in the marketplace.

      ×