Instant messaging is extremely popular nowadays, with millions of users connecting to such applications everyday. There are many different and popular IM clients on the Web, including Yahoo, MSN, ICQ and others. However, all these programs are exposed to several types of threats.
So says Denis Maslennikov, senior malware analyst at Kaspersky Lab, who explains that IMs are attractive to malicious users of all kinds, a fact that is driving malware distribution via IM clients. New versions of IM clients contain as yet undiscovered vulnerabilities, which are usually identified first by hackers and only afterwards by program developers.
There are three main malicious activities that could be conducted through IM clients: “Attackers can either steal passwords of the users connecting to the applications, spread malware or send spam messages,” Maslennikov says.
Cyber-criminals attack IM clients for several reasons, he adds. “To sell stolen ICQ numbers, to create spam lists for sale to spammers or for mass distribution of malicious programs, and to use the victim's contact lists as trusted sources to 'borrow' money.
“IMs are often used to spread malicious programs. For example, IM worms that use the client as a base for self-propagation, Trojan programs for stealing passwords, and malicious programs are created to fraudulently obtain money from users.”
According to Maslennikov, if IM worms usually spread with little or no help from the user, then in other instances cyber-crooks use several different social engineering scams to get the potential victim to open a link, which in turn downloads a malicious program.
Maslennikov says malware is also spread through spam messages that contain direct links to malware or to sites that contain Trojan-Downloader programs. The downloaders, in turn, install malware on the victim's computer, in most cases by exploiting vulnerabilities in browsers.
In terms of spam, he says ICQ spam differs significantly from e-mail spam in that the majority of e-mail spam advertises various goods and services, from pills to watches. The proportion of such advertising in ICQ spam is far less. “ICQ makes it possible to search for people based on their interests, allowing cyber-criminals to target specific audiences.”
MSN, one of the most widely used IM clients on the Internet, is a popular target for attackers due to its popularity. "Criminals exploit MSN Messenger as it is included in the Windows installation package, meaning all Windows users automatically have the MSN client on their machines. The popularity of MSN around the world makes it all the more attractive to cyber-criminals wanting to increase the number of infected computers in their botnets,” he explains.
“There are ways for users to protect themselves from IM attacks, but the best is probably extra caution when using such an application. If a message comes from a user you know, find out whether they really sent it. Don't download .exe extension files and launch them. Ignore messages and links from mistrusted sources, and even question those apparently from friends who ask you to open a link. Make sure your machine is updated with the latest anti-virus, and just use a little common sense. This will help you enjoy worry-free chat via the Internet.”
Share