Forum latest

New IM Attacks, Bugs Signal Stealthier Exploits
General
Written by Daniel   
Monday, 01 October 2007 14:16
IM offers attack vectors that could be more dangerous than email

OCTOBER 1, 2007 | 11:05 AM
DarkReading
By Kelly Jackson Higgins
Senior Editor, Dark Reading

Recently discovered vulnerabilities in the most popular instant messaging (IM) applications, as well as some targeted attacks via IM, are providing a glimpse of the threats to come.

Attacks on instant messaging systems still aren't as prevalent as those on email systems, and most IM attacks have been annoying worms aimed at recruiting bots or spewing spam. But newly found IM vulnerabilities indicate how lethal an IM attack could be: The AIM bug doesn't even require that the victim take any action at all to become infected.

And there are signs that the bad guys are gradually starting to use IM's rapid-fire transfer of messages as a more efficient way to spread bot infections, send spam, or conduct targeted attacks than store-and-forward email.

While IM attacks have increased only modestly this year, researchers at Akonix Systems, which sells IM security software, have seen about 300 IM attacks this year so far. It's the level of sophistication and criminal motivation behind these attacks over the past year and a half, as well as the new bug discoveries, that is especially significant, says Don Montgomery, vice president of marketing at Akonix. And last month, there was a 20 percent increase in these attacks versus the same period last year.

"There are stealthy, two-stage, worm and keylogger attacks. The keylogger waits on the desktop until the user logs onto a specific banking site, for example," he says. "It then grabs the password and login and uses email to send that out to a variety of always-moving [malicious] Websites."

And because the bad guys prefer the path of least resistance, IM makes an attractive target. Few companies actually secure their IM systems: A recent Akonix survey found that while 85 percent of organizations said they secured their email systems, only 10-15 percent had done the same for their IM systems. And IM infections are tougher to stem: "It's fast -- you can remediate an email server during the lag [in store-and-forward email]. But with instant messaging, you don't have that lag time."

One of Akonix's customers, which Montgomery describes as "one of the largest software companies in the world," suffered a targeted attack via its MSN Messenger IM system six months ago that infected around 10,000 desktops.

"It was a poisoned URL attack that downloaded malicious content into their network," says Montgomery, who could not disclose the name of the software vendor. "As it went from buddy list to buddy list, the whole company was infected rapidly, as well as external buddies."... More           Comment in the Forums
 

See also

None found.


Hardware | Windows | Linux | Security | Mobile Devices | Gaming
Tech Business | Editorial | General News | folding@home

Forum | Download Files

Copyright ©2001 - 2012, AOA Forums.  All rights reserved.

Alliance of Overclocking Arts

Links monetized by VigLink

Don't Click Here Don't Click Here Either