Targeted Attacks Increase on Instant Messaging Networks

The IMlogic Threat Center, the industry's first global consortium to provide threat detection and protection for instant messaging (IM) and peer-to-peer (P2P) applications, today issued its Third Quarter 2005 threat report on the rise of IM security threats. The report highlights a 3295 percent increase in Q3, 2005 over Q3, 2004 bringing the year-to-date increase to 2083 percent over 2005 YTD.

The report released today provides key metrics on the continued attacks IM networks are experiencing from malicious code and worm writers. Key data points released include:

• 713 unique IM and P2P threats including IM-specific attacks and blended threats, which target IM and P2P applications
• 87 percent of reported incidents include IM worm propagation; 12 percent are known to hijack IM file transfer capability to deliver viruses; one percent of reported incidents utilize known client vulnerabilities or exploits
• 62 percent of reported incidents over IM networks targeted the MSN Messenger Client, Windows Messenger Client and MSN Network
• seven percent of reported incidents over IM networks targeted the Yahoo Messenger Client and Yahoo Messenger Network
• 31 percent of reported incidents over IM networks targeted the AOL Instant Messenger Client, AOL Instant Messenger Network, ICQ Client and ICQ Network
• The IMlogic Threat Center Forecasts Accelerated IM Threat Growth Through the Remainder of 2005.

Trend analysis provided in the IMlogic Threat Center Q3 2005 report suggests that IM-borne attacks will continue to increase as hackers capitalize on the growing popularity of IM in both consumer and corporate environments. The increasing popularity of consumer IM networks, combined with the emergence of federated enterprise IM environments, continues to drive IM as a popular medium for attacks.

The IMlogic Threat Center encourages consumers to protect themselves by keeping operating system patches and anti-virus software up to date, and to exercise caution when using embedded links or file transfer capabilities over the IM channel. Corporate IT departments can additionally leverage IM management and security technology to protect their networks from the risks associated with unmonitored and uncontrolled IM usage.