Instant Messaging Gets Riskier

As more worms targeted Microsoft's MSN Messenger last week, a threat center devoted to tracking instant-messaging hacks released statistics that put numbers to what IM users already know: Instant-message threats are on the rise. According to the IMlogic Threat Center--an effort by vendors such as IMlogic, McAfee, and Symantec--IM and peer-to-peer exploits have exploded in 2005 and have grown 50% each month so far. The threat center has warned of more than 30 widespread incidents of IM or peer-to-peer viruses, worms, or other malicious code so far this year, Jon Sakoda, IMlogic's chief technology officer, said in a statement. Most--81%--were aimed at instant messengers.

Seven out of 10 attacks were aimed at MSN Messenger, Windows Messenger, and the MSN IM network, the center reported. Variants of the Kelvir worm that hit Microsoft's client and public IM network last week entice MSN Messenger users to click on a link, which takes them to a malicious site where the code--a version of the Spybot worm--is downloaded to their systems, opening them up for attack or hijacking by spammers. Sumon worm variants propagate over the eMule peer-to-peer file-sharing network as well as MSN Messenger, disable a long list of security software, and try to overwrite the hosts file so that commonly accessed security Web sites can't be reached.