Adam Gartenberg's Blog

Business Analytics and Optimization, IBM and Social Marketing

McAfee: Instant Malware: A Different Kind of IM


Coming in at #4 on McAfee Avert Lab's Top 10 Threat Predictions of 2008 are instant messaging vulnerabilities through the use of public IM networks.  There were twice as many vulnerabilities coming in over AIM, Yahoo IM and MSN Messenger in 2007 compared to 2006, and Skype suffered its first batch of worms.  There were 10 high-severity risks in 2007, compared to zero in 2006.  And they foresee a much greater risk for a self-executing IM worm.  

4. Instant Malware: A Different Kind of IM
For several years, researchers have warned of the risk of a self-executing instant-messaging (IM) worm. This threat could spawn millions of users and circle the globe in a matter of seconds. Although IM malware has existed for years, we have yet to see such a self-executing threat. While it's anyone's guess exactly when this threat will emerge, the stars may be starting to align. The National Vulnerability Database reports more than twice the number of AIM, YIM, and MSN Messenger vulnerabilities for 2007 over the prior year. More important, there were 10 high-severity risks in 2007, compared with zero in 2006. Additionally, the top IM virus families of 2005 and 2006 were replaced with new active threats, signifying an "out with the old and in with the new" milestone. With nearly a quarter-billion users, Skype suffered its first batch of worms in 2007. Many more are expected to follow.


Enterprise IM, anyone?

Link:  
Top 10 Threat Predictions of 2008