InfoWorld - Like airborne viruses, instant messaging worms are fledglings, but very much on the rise. These new worms are also proving that once inside a corporate network they can be just as destructive, if not more so, than traditional e-mail attacks.
E-mail remains the most widely used and destructive vehicle for spreading viruses and worms over the Internet, but the first three months of 2005 saw a rise in the number of worms using IM to propagate.
Antivirus company Trend Micro recently released its first quarter 2005 virus roundup, in which half of the reported outbreaks were IM worms. Since emerging as a proof of concept in 2001, IM worms have taken a back seat to e-mail worms. But the sharp increase in IM-based outbreaks this year signals a revival of the IM vehicle, according to Trend Micro officials.
IM worms are on the rise primarily because of the publishing of the source code for existing attacks, said David Perry, global education director at Trend Micro.
"There have been a couple successful [IM worms] and the source code was made available," Perry said. "Most viruses are minor variations on existing viruses."
IM management and security vendor Akonix Systems noted an alarming 400% rise in IM attacks in its Q1 IM and peer-to-peer threat summary.
Akonix's numbers showed more than double the total number of targeted attacks on IM and peer-to-peer networks in the first quarter of 2005 than in all of 2004, according to Francis Costello, chief marketing officer at Akonix.
"We've seen published threat methods, which let other virus writers jump in," Costello said.
Just this week virus alerts were issued for the latest variants of the Kelvir worm -- W32.Kelvir.U, W32.Kelvir.T, and W32.Kelvir.N Â -- which targets Microsoft's MSN Messenger and Windows Messenger. The Kelvir worm sends a URL via IM; once a user clicks on the URL, a worm is downloaded that sends itself to the now-infected user's contact list.
Although most IM worms target consumer systems such as MSN Messenger, Yahoo Messenger, and AOL's AIM, corporations still should be concerned.
According to IM security tool vendor IMlogic, nearly 85% of enterprises use public IM systems, and most do not have any additional security in place.
In fact, most enterprises are severely unprepared for IM-based malware attacks, according to Michael Osterman, president of Osterman Research.
The various types of IM attacks are not a critical problem yet for enterprises, but are rapidly becoming one, Osterman said.
"Within a matter of months this could become a huge problem that
Free Insider GuideCopyright © 1994 - 2012 Computerworld Inc. All rights reserved. Reproduction in whole or in part in any form or medium without express written permission of Computerworld Inc. is prohibited. Computerworld and Computerworld.com and the respective logos are trademarks of International Data Group Inc.
