Malicious code attacks being distributed via instant messaging have risen sharply in 2007, according to Akonix. The company’s researchers have tracked 20 malicious code attacks over IM networks in July alone, bringing the total number of IM-based threats Akonix has tracked for the year to 226 — an increase of 78 percent over the same time frame in 2006.
According to Akonix, the high level of attacks during this summer bucks a trend observed in previous years.
“We’ve seen decreases in IM attacks during the summer months each of the past three years, but this year the decrease has been less, leading to the alarming year-to-year jump in IM threats of 78 percent,” said Don Montgomery, vice president of marketing at Akonix, in a press release.
Montgomery said that the reason for the increase is largely due to the relatively small degree of attention that IM receives at the corporate level, as compared to email and web-based threats.
“Since most IT departments have secured email but have left IM unprotected, it’s only natural that hackers are adjusting their sights to delivering malicious code through the path of least resistance,” Montgomery said. “In corporate networks, that path of least resistance is IM.”
The majority of the IM threats tracked by Akonix in July were IRC-based, including the “W32/IRCBot-WZ” threat, which was just detected by Akonix Monday. Two attacks, “Spyware.SpyPal” and “Spyware.StealthChatMon” targeted multiple major IM systems, and have been detected on AIM, ICQ, MSN, Skype and Yahoo IM systems.
Other new IM worms identified in July included “Exploit-YIMCAM,” “Hupigon-SJ,” “InsideChatSpy,” “Svich” and “YahooSpyMon.” The “Sohana” attack was the most common, with four variants documented, followed by “IRCBot” for which Akonix identified three variants.
Akonix documented an even larger increase in peer-to-peer-based attacks in July, with 32 attacks in the month, up from only 10 attacks in June.
