You are here: Home > News > Article
Home
Business & Finance
News
U.S.
Politics
International
Technology
Entertainment
Sports
Lifestyle
Oddly Enough
Environment
Health
Science
Special Coverage
Video
Pictures
You Witness
Blogs
Reader Feedback
Do More With Reuters
RSSRSS Feed
Widgets
Mobile
Podcasts
Newsletters
You Witness News
Partner Services
CareerBuilder
Affiliate Network
Professional Products
Support (Customer Zone)
Reuters Media
Financial Products
About Thomson Reuters

FaceTime Releases IM and P2P Malware Findings for 2007

Tue Jan 8, 2008 9:30am EST
 
Email | Print | | Reprints | Single Page
[-] Text [+] 
Predicts 2008 Threat Landscape Expanding to Social Networking
            Sites, Total Number of Greynets to Reach 1,000
BELMONT, Calif.--(Business Wire)--FaceTime Communications, the leading provider of solutions that
control greynets and manage unified communications in the enterprise,
today announced its initial findings of 2007 malware trends affecting
today's enterprise networks through instant messaging (IM), P2P file
sharing and chat applications. During 2007 there were 1,088 incidents
reported over all IM, P2P, and chat vectors.

   Within the IM category, 19 percent of threats were reported on the
AOL Instant Messenger network, 45 percent on MSN Messenger, 20 percent
on Yahoo! Instant Messenger and 15 percent on all other IM networks
including Jabber-based IM private networks. Attacks on these private
networks have more than doubled in share since 2003, rising from seven
percent of all IM attacks to 15 percent in 2007.

   In 2007 researchers saw a shift in the non-IM vectors used to
distribute viruses, malware and spyware. Most notable is the rise in
IRC-distributed attacks: in 2006, IRC accounted for 58 percent of
attacks, rising to 72 percent by year-end 2007.

   "Threats over IM and P2P networks are occurring at an average rate
of just over five unique incidents per day," said Frank Cabri, vice
president of marketing and product management for FaceTime.
"Additionally, social networking sites are increasing in popularity
resulting in a corresponding increase in malicious activity targeted
at users of these sites."

   During 2007, FaceTime researchers noted an increasing use of
social engineering to propagate threats across IM networks and Skype,
as well as over social networking sites such as MySpace.

   Hackers often use social engineering -- manipulation with
contextual language to trick victims into clicking on links that
launch infected files -- to propagate malware over IM networks as well
as within social networking sites. The files may take the form of
multimedia (jpegs or movie files) or traditional executable files.
This ranges from an IM appearing to be from a trusted buddy to fake
MySpace comments, messages or friend requests.

   For example, in September 2007 a virus propagated through MSN
Messenger delivering a .zip file full of malicious code. Victims
received messages appearing to be from those on their buddy lists
saying "Do you remember this girl? I can't believe she took this
pic... do you know her?"

   In November 2007, a Skype Worm propagated via a message stating
"help me find this girl," accompanied by an executable file named
"photo," which deposited a large number of infected files on the
victim's computer.

   Social Networking Security Concerns

   According to FaceTime Security Labs, the increasing threat over
this past year has been the boldness of a growing underclass of glory
hackers on social networking sites such as MySpace. The danger to
corporate networks lies within the growing tendency for workers to
blur their work and professional lives, often surfing these social
networking sites on their work PCs and so exposing the organization to
information loss, inbound malware threats and compliance risks.

   In November 2007, The Bandjammer Trojan ran rampant through
MySpace music profiles. Once a band's MySpace page had been hacked, an
invisible background image was created that linked to a dangerous
site. Visitors to the hacked profile had their browsers hijacked, with
the Trojan installing fake toolbars warning of a possible spyware
infection, which included a handy link to click for a free scan which
in turn took victims directly to various porn sites.

   In the height of the holiday season, many MySpace users received a
friend request from a "fake Tom," with the promise of free ring tones.
The messages appeared to be from Tom Anderson, president and
co-founder of MySpace, who users meet as their first friend when
signing up for a MySpace profile. MySpace quickly deleted the fake
profiles, but hackers quickly regrouped with new fake profiles
sporting Tom's famous profile photo associated with random first
names.

   For knowledge workers, it is as common to do work at home as it is
to conduct personal tasks while at work. According to the recent
survey Greynets in the Enterprise: Third Annual Survey of Greynet
Trends, Attitudes and Impact, commissioned by FaceTime and conducted
by NewDiligence, 85 percent of end users use their work PCs for
personal purposes. Users describe looking at interesting sites on the
Web (74 percent), banking (60 percent) and shopping (60 percent) as
their top online personal activities at work, outside of sending
email.

   "Many hacks and scams are creeping into the mainstream areas of
MySpace and other social networking sites, as the perpetrators become
bolder and more aggressive," reports FaceTime's Director of Malware
Research Chris Boyd. "The most horrendous content imaginable is now
easily stumbled upon via simple redirects and blog hijacks. The myth
that you have to 'go looking for it' has never seemed further from the
truth."

   Boyd saw an aggressive shift in the hacker behavior over the past
year, with a growing underclass of young hackers who don't care about
revealing their real identity. "Children as young as 12 years old are
sharing professional phishing kits and trading stolen credit card
details," said Boyd.

   "MySpace and other social networking sites will continue to be the
most popular target for hackers, phishers and spammers in 2008 as long
as they continue to offer the same level of profile customization to
their users," continued Boyd. "It's never a good idea to promote
functionality over security, but there's no way MySpace can suddenly
change how their site works, causing their users to lose interest in
the very things that brought them there in the first place."

   2007 research findings and hacker busts from Boyd and other
researchers are detailed on the FaceTime Security Labs blog at
www.blog.spywareguide.com

   Growing Concern over Greynets

   According to the GreynetsGuide.com Web site managed by FaceTime
Security Labs, there are more than 600 greynets currently in use
worldwide. The list includes commonly downloaded applications such as
IM and Web conferencing, along with newer plug in-type applications
like search engine tool bars and online social networking sites,
multimedia distribution portals, IPTV, and Web 2.0 applications.
FaceTime expects this number to grow to more than 1,000 by the end of
2008.

   The concern over greynets in the enterprise stems from their
inherent characteristics: these real-time applications are evasive and
always on, and many are structured with a liberal allowance for user
customization. These attractive aspects of greynets are the same
characteristics that classify them as high security and compliance
risks. The nature of these greynets compounds the risks of inbound
malware, outbound information leakage and require continual revisiting
of network usage and compliance policies.

   The uncontrolled use of greynets on enterprise networks has grown
significantly over the past year. Most organizations cite between
eight and ten greynets operating in their networks, according to the
Greynets in the Enterprise survey. This high level of employee usage
has increased from 20 percent in 2005 to 41 percent in 2006 to 56
percent in 2007. Employees continue to believe they have the right to
download any application they need onto their work PCs (36 percent).

   "While many greynet applications have legitimate business uses,
there are also many that do not," said Cabri. "Most organizations are
not willing to accept the security and compliance exposure resulting
from the uncontrolled use of these applications. IT managers need to
ensure the safe use of approved applications and effectively detect
and block the rogue use of unapproved applications."

   About FaceTime Communications

   FaceTime Communications enables the safe and productive use of
instant messaging, Web usage and Unified Communications platforms.
Ranked number one by IDC for four consecutive years, FaceTime's
award-winning solutions are used by more than 900 customers --
including nine of the ten largest U.S. banks -- for security,
management and compliance of real-time communications. FaceTime
supports or has strategic partnerships with all leading public and
enterprise IM network providers, including AOL, Google, Microsoft,
Yahoo!, Skype, IBM, Reuters, and Jabber.

   FaceTime is headquartered in Foster City, California. For more
information visit www.facetime.com or call 888-349-FACE.

A&R Edelman
Emily Chamberlin, 650-762-2945 (media)
echamberlin@ar-edelman.com

Copyright Business Wire 2008

 

also on reuters

Featured Broker sponsored link

Editor's Choice

  • Pictures
  • Video
  • Articles
Photo

A selection of our best photos from the past 24 hours.  View Slideshow 

Most Popular on Reuters

  • Articles
  • Video
  • Recommended

Reuters Oddly Enough

Funny, quirky, strange-but-true stories from around the world.
Photo
Watch the videos
Read the stories
Get the daily newsletter
Check out the blog