- Steve Jobs is a man of a few words
- Internet routing blasts into space
- 15 free downloads to pep up your old PC
- IBM smartphone software translates 11 languages
- New attack fells Internet Explorer
Malicious code attacks over instant messaging networks are up almost 80% over last year, according to a new study from vendor Akonix.
In July, the company, which develops IM hygiene and compliance appliances and services, said it uncovered 20 malicious code attacks over IM. The total number of threats for 2007 so far is 226, the company said. That number is a 78% increase over the same period last year.
The company also said attacks on peer-to-peer networks, such as Kazaa and eDonkey, increased 357% in July 2007 over July 2006, with 32 attacks.
That report comes on the heels of a report by peer-to-peer network monitoring vendor Tiversa, which found contractors and U.S. government employees are sharing hundreds of secret documents on peer-to-peer networks.
In many cases, those users were overriding the default security settings on their peer-to-peer software to do so, according to Tiversa. Robert Boback, Tiversa’s CEO, and retired U.S. Army General Wesley Clark, a Tiversa board member, testified earlier this week before the U.S. House of Representatives Oversight and Government Reform Committee.
The IM attacks where tracked by the Akonix IM Security Center, which is a collaborative effort between Akonix, its customers and other security and messaging vendors.
The code used in the attacks was either brand new code or a variant of earlier code detected by the IM Security Center.
The new worms included Exploit-YIMCAM, Hupigon-SJ, InsideChatSpy, SpyPal, StealthChatMon, Svich and YahooSpyMon.
Akonix officials also said the attacks are moving beyond the nuisance stage and getting more malicious.
“Beginning at the end of last year we started seeing multi stage attacks where IM will deliver a URL and when a person clicks on it they get code loaded that will pull down other code,” says Don Montgomery, vice president of marketing at Akonix.
Montgomery says the IM Security Center also is seeing two stage attacks with the second stage being the downloading of a Trojan that waits for users to log into specific banking sites to activate a key-logging program.
In addition, there are multi-vector attacks where a malicious URL may be delivered by IM but propagated using e-mail or come in via e-mail and go out over IM. And attacks, focused on consumer services AOL, MSN and Yahoo, are beginning to span networks.
Rss FeedRss Feed
The Leader in Network Knowledge
Comments (14)
Anybody have a legitimate use for P2P in an office environment?By Thomas J. Raef on July 30, 2007, 10:04 amWhat company needs to allow programs like Limewire, Kazaa, ShareBear, or any of the other P2P programs? Why not just block all P2P traffic and let people infect...
Reply | Read entire comment
P2P In BusinessesBy Anonymous on July 30, 2007, 10:30 amSome people find ways to bypass security measures and download P2P software anyway. Management needs to deal with people it finds doing this, but sometimes the...
Reply | Read entire comment
Attacks?By Anonymous on July 30, 2007, 11:32 amWhen the word "attacks" is used I think of an actual incident where some malicious code is successfully run on another computer, using IM (in this case). In this...
Reply | Read entire comment
Attack vs. VulnerabilityBy Don Montgomery on July 30, 2007, 12:09 pmThe IM security center (www.imsecuritycenter.com) tracks "attacks", which are unique viruses, worms, trojans, or malicious web pages that have been discovered in...
Reply | Read entire comment
News vs. self-serving promotionBy meatpieandtatters on July 30, 2007, 1:07 pmWhen the source of the information is from the entity which stands to benefit how can you trust what they say? Objectivity aside, Akonix is in the business of selling...
Reply | Read entire comment
Radio Stations, for one.By Anonymous on July 30, 2007, 2:02 pmRadio Stations, for one. Specifically talk stations, that music they play coming into or going out of the shows? No station has the budget to purchase all that...
Reply | Read entire comment
View all comments