Like airborne viruses, instant messaging worms are fledglings, but very much on the rise. These new worms are also proving that once inside a corporate network they can be just as destructive, if not more so, than traditional e-mail attacks.
E-mail remains the most widely used and destructive vehicle for spreading viruses and worms over the Internet, but the first three months of 2005 saw a rise in the number of worms using IM to propagate.
Anti-virus company Trend Micro recently released its first quarter 2005 virus roundup, in which half of the reported outbreaks were IM worms. Since emerging as a proof of concept in 2001, IM worms have taken a back seat to e-mail worms. But the sharp increase in IM-based outbreaks this year signals a revival of the IM vehicle, according to Trend Micro officials.
IM worms are on the rise primarily because of the publishing of the source code for existing attacks, said David Perry, global education director at Trend Micro.
“There have been a couple successful [IM worms] and the source code was made available,” Perry said. “Most viruses are minor variations on existing viruses.”
IM management and security vendor Akonix Systems noted an alarming 400 percent rise in IM attacks in its Q1 IM and peer-to-peer threat summary. Akonix’s numbers showed more than double the total number of targeted attacks on IM and p-to-p networks in the first quarter of 2005 than in all of 2004, according to Francis Costello, chief marketing officer at Akonix. “We’ve seen published threat methods, which lets other virus writers jump in,” Costello said.
Just this week virus alerts were issued for the latest variants of the Kelvir worm — W32.Kelvir.U, W32.Kelvir.T, and W32.Kelvir.N