We support Microsoft .NET Framework 2.0 & 1.1, all versions of Access, SQL 2000, SQL 7.0, SQL 2005 Express, SOAP, FrontPage 2002, 2003, Visual Studio 2005, Index Server, XML, UDDI, & Mobile device support. We also offer great third party tools like SmarterMail, Merak Mail, SmarterStats, PHP, Perl, MySql, DeepMetrix Livestats XSP 8.0.   We support Microsoft .NET Framework 2.0 & 1.1, all versions of Access, SQL 2000, SQL 7.0, SQL 2005 Express, SOAP, FrontPage 2002, 2003, Visual Studio 2005, Index Server, XML, UDDI, & Mobile device support. We also offer great third party tools like SmarterMail, Merak Mail, SmarterStats, PHP, Perl, MySql, DeepMetrix Livestats XSP 8.0.
 Thursday, July 07, 2005
Threat increases from IM-based attacks

A study released yesterday found that hackers and virus writers are recognizing and exploiting the opportunities presented by IM-based attacks, the numbers of which have risen sharply over the last two quarters.

The number of IM attacks such as viruses, worms, and phishing scams has increased from twenty for all of 2004 to 571 in the second quarter of 2005 alone, representing an increased threat to both enterprise users and the average consumer, the study from instant messaging security vendor IMlogic Inc. said.

The study, performed by the IMlogic Threat Center with the support of IT security companies Symantec Corp., McAfee Inc., and Sybari as well as IM leaders America Online Inc., Yahoo Inc., and Microsoft Corp., reported that 70% of IM-based attacks target public IM networks and 30% target enterprises.

"IM usage has reached critical mass and virus writers have now recognized it as a mostly undefended medium," said IMlogic CEO and co-founder Francis deSouza. "These [viruses and worms] are mutating, high velocity, and invisible to most companies until they hit. All these factors combine to create a serious risk."

IM attacks act much like e-mail worms and viruses, stealing information from the user's computer or turning that computer into a so-called zombie by tricking users into clicking on phony links or into opening malicious attachments. IM-based attacks can be even more threatening because people receive false instant messages from a name on their buddy list rather than a strange e-mail address, DeSouza said.

"Having an army of zombies is the economic equivalent of having an oil well," said analyst Alan Paller of the SANS Institute. "The two most important things [for a user] to do are block all attachments on IM and to filter IM traffic so you only get it from trusted sites."

In corporate environments the Kelvir, Opanki and Gabby worms were the most common, the study said.

Some attacks are tailored to a specific user and appear to be, for instance, a highly personalized message. The study said that these attacks made up less than 1% of the recorded IM attacks. For the most part, IM attackers aren't sophisticated enough to single out any one user, Paller said. However rare "targeted" attacks may be, Paller emphasized that they are the most dangerous.

The vast majority -- 86% -- of reported attacks involved viruses or worms that capitalize on real-time protocols. The study showed that all of the most successful IM services -- AOL Instant Messenger, MSN Messenger, Windows Messenger, and Yahoo Messenger -- were vulnerable to IM attacks.

We certainly also recommend that you have either.  Nod32 Anti-virus and the free anti-virus from  AVG and AVast some of these offer protection for IM and Outlook as real-time plug-in.

Threats
7/7/2005 7:39:33 AM (Pacific Daylight Time, UTC-07:00)  #    Disclaimer  |  Comments [0]  | 
Related Posts:
UPS phishing again
Obama sex video
Attack Breaks DNS Patches!
Kaminsky provides the why
DNS vulnerability
MPack: the Strange Case of the Mass-Hacking Tool