iTnews
  • Home
  • News
  • Technology
  • Security

IM worms on the increase

By René Millman on Apr 20, 2005 12:55PM

Worms propagating via instant messaging (IM) applications are on the increase according to a new study.

The Malware Evolution: January - March 2005 report from anti-virus vendor Kaspersky Labs found that since the beginning of the year there are been a noticeable increase in this type of malware. 40 variants of IM worms have been spotted this year alone with Bropia having the most variants. Most worms targeted Microsoft's MSN Messenger and are written in Visual Basic.

"These two facts taken together seem to indicate that IM worms are at the initial stage of evolution," said Alexander Gostev, senior virus analyst at Kaspersky Labs and author of the report.

He added the fact that the vast majority of the worms are written in Visual Basic demonstrated that most of the authors are fairly new to the virus writing scene and are relatively inexperienced programmers in general.

"The evidence currently points to IM worms being the domain of script-kiddies," said Gostev.

The worms use web links to download worms despite IM applications allowing file transfers. It appears virus authors find file transfer delivery to complex to write and so rely on the simpler web link method.

The author of the report said these worms are in evolving along the same lines as worms that propagated through peer-to-peer (P2P) networks a few years ago. Most then targeted Kazaa and were written in Visual Basic. The peak of P2P worms came in 2003 when ten new variants were spotted almost every week.

But Gostev said after that P2P infections slowed down and he expected IM worms to follow a similar pattern. He warned systems administrators to be aware of the threat and take action to prevent the spread of worms. One option he forwarded would be to forbid the use of IM until security improves.

The worms also install other malware. Bropia installs Backdoor.Win32.Rbot on the infected machine, turning it into a zombie machine in a bot network. (As reported in SC Magazine here.)

Last week the Kelvir worm, which targets Microsoft's MSN Messenger, forced Reuters to temporarily shut down its own messenging system on Thursday.

www.viruslist.com

Got a news tip for our journalists? Share it with us anonymously here.
Copyright © SC Magazine, US edition
Tags:
imincreaseonsecuritytheworms

Partner Content

Security: Understanding the fundamentals of governance, risk & compliance
Promoted Content Security: Understanding the fundamentals of governance, risk & compliance
The Great Resignation has intensified insider security threats
Promoted Content The Great Resignation has intensified insider security threats
Why Genworth Australia embraced low-code software development
Promoted Content Why Genworth Australia embraced low-code software development
Accenture and Google Cloud team up to create a loveable, Australian-first, renewable energy product
Promoted Content Accenture and Google Cloud team up to create a loveable, Australian-first, renewable energy product

Sponsored Whitepapers

Extracting the value of data using Unified Observability
Extracting the value of data using Unified Observability
Planning before the breach: You can’t protect what you can’t see
Planning before the breach: You can’t protect what you can’t see
Beyond FTP: Securing and Managing File Transfers
Beyond FTP: Securing and Managing File Transfers
NextGen Security Operations: A Roadmap for the Future
NextGen Security Operations: A Roadmap for the Future
Video: Watch Juniper talk about its Aston Martin partnership
Video: Watch Juniper talk about its Aston Martin partnership

Events

  • Micro Focus Information Management & Governance (IM&G) Forum 2022
  • CRN Channel Meets: CyberSecurity Live Event
  • IoT Insights: Secure By Design for manufacturing
  • Cyber Security for Government Summit
By René Millman
Apr 20 2005
12:55PM
0 Comments

Related Articles

  • Wormable Windows RPC bug warning issued
  • Carnival fined US$5m for cyber security violations
  • Qld gov proposes mandatory data breach reporting for agencies
  • Critical Splunk bug propagates code execution
Share on Twitter Share on Facebook Share on LinkedIn Share on Whatsapp Email A Friend

Most Read Articles

Qantas calls time on IBM, Fujitsu in tech modernisation

Qantas calls time on IBM, Fujitsu in tech modernisation
Service NSW hits digital services goal two years early

Service NSW hits digital services goal two years early
SA Police ignores Adelaide council plea for facial recognition ban on CCTV

SA Police ignores Adelaide council plea for facial recognition ban on CCTV
NBN Co says TPG tie-up could help Telstra sidestep spectrum limits

NBN Co says TPG tie-up could help Telstra sidestep spectrum limits

Digital Nation

The security threat of quantum computing
The security threat of quantum computing
Integrity, ethics and board decisions in the digital age
Integrity, ethics and board decisions in the digital age
IBM global chief data officer on the rise of the number crunchers
IBM global chief data officer on the rise of the number crunchers
Crypto experts optimistic about future of Bitcoin: Block
Crypto experts optimistic about future of Bitcoin: Block
COVER STORY: Operationalising net zero through the power of IoT
COVER STORY: Operationalising net zero through the power of IoT
All rights reserved. This material may not be published, broadcast, rewritten or redistributed in any form without prior authorisation.
Your use of this website constitutes acceptance of nextmedia's Privacy Policy and Terms & Conditions.