IM and P2P malware is packing a bigger punch
FaceTime announced its analysis of malware affecting today’s enterprise networks through instant messaging, P2P file sharing, and chat applications. In an analysis of threats tracked or identified by FaceTime Security Labs, 1,224 unique threats on greynet applications were reported in the past year, with attacks over peer-to-peer networks increasing by 140 percent over 2005 and multi-channel attacks increasing from 18 percent in 2005 to 29 percent of all attacks in 2006.
While the number of unique malware instances is down versus 2005, when more than 2000 threats were identified, FaceTime researchers warn that the nature of today’s malware is more dangerous and can cause greater damage. The threats are more complex and stealthier than ever before, and they are propagating through multiple channels, making them harder to identify and protect against. FaceTime researchers expect this trend to continue as malware creators are more technically savvy and better-funded, using social engineering to create botnet armies at their disposal. Risky employee behavior on the Internet has become one of the biggest network security concerns for enterprise organizations.
Researchers at FaceTime Security Labs have gone beyond raw data collection to seek out, analyze and expose the perpetrators behind today’s malware threats, many of which use social engineering to propagate through IM, peer-to-peer networks and social networking web sites. The clear motivation is financial, with the major malware discoveries of 2006 all pointing toward botnets designed to gather personal or banking data for malicious means.
“The numbers alone don’t tell the story,” said Chris Boyd, director of malware research at FaceTime Security Labs. “It is more important to understand that, although major network disruptions don’t seem to result from malware attacks propagated via IM, the sophistication, complexity and stealthy behavior of these threats make them far more dangerous.
“The sources of the most insidious threats we identified in 2006 are not the glory-hungry hackers of yesterday. These are cyber-criminals and click-fraud experts who are well funded, extremely savvy, and their M.O. is to stay in the background and collect as much information as they can before moving on to the next target. To be discovered by taking down a network would be counte