Hackers Increase IM Attacks

Postini announced a continuing trend by hackers to attack corporate networks through lightly protected instant messaging (IM) systems

SAN CARLOS, Calif. -- Postini, the global leader in Integrated Message Management, today announced that its Monthly Message Security & Management Update for June shows a continuing trend by hackers to attack corporate networks through lightly protected instant messaging (IM) systems and by sending email using image-only spam – spam that contains no text, just a picture. Image spam can contain a picture of words (a “screenshot”), a photographic image, or a combination of the two.

In June, Postini identified and prevented new IM malware attacks from infecting desktop PCs, including Worm.pic-myspace-info, an annoying worm that lures victims to a website from where the worm installs itself on a user’s machine, infects the victim’s IM client, and then replicates itself as an IM message to all of the victim’s “buddy list” members. Postini also protected its clients using Yahoo! Messenger from the Secunia/Yahoo.dos.vuln worm which launches denial-of-service (DoS) attacks, crashing other users’ Yahoo! Messenger clients with floods of messages.

World Cup spam and image-only spam containing pornography and stock offers were common in June. After declining steadily throughout 2005 (from about 12 percent of all spam down to about 5 percent, with some fluctuations), the use of image spam jumped dramatically in December 2005, to 25 percent of all spam, where it has remained since. Postini attributes this increase to spammers testing the deliverability of image spam in early 2005 and realizing that many anti-spam systems are helpless when messages contain no text to analyze, so the use of images helps get the spam delivered. Upon seeing the positive results, they converted much of their spam to image spam. Postini, with its Sender Behavior Analysis, detects and blocks image spam.

“Hackers and spammers are logically shifting their attacks away from secured systems, and aiming at unsecured ones. It is now very difficult to get a virus or worm past modern email protection systems, so hackers are now exploiting instant messaging systems,” explained Andrew Lochart, senior director of marketing at Postini. “And while most anti-spam products do a good job against run-of-the-mill text-based spam, many fail totally when presented with no text to analyze, thus the rapid rise in the use of image spam.”

Postini Inc.