As indicated in Postini's Message Security and Management Update for June, hackers and spammers continue to become more sophisticated in response to more widespread use of IT security applications. Hackers are moving beyond e-mail-borne viruses in favor of IM and Web site attacks, and spammers are using any way they can find to avoid network and endpoint message scanning tools as part of their evolution, researchers said.
In June, Postini said it intercepted a wave of new IM-based malware attacks, including Worm.pic-myspace-info, a worm virus that attempts to lure victims to a malicious Web site where the worm installs itself on an end user's PC. The attack then infects a victim's IM client software and replicates itself as an IM to all of the victim's "buddy list" contacts.
Another high-profile IM threat involved the Secunia/Yahoo.dos.vuln virus, which was aimed at users of Yahoo Messenger and attempted to launch DoS (denial-of-service) attacks on infected machines and crash other users' IM clients by assailing them with large volumes of messages.
San Carlos, Calif.-based Postini said it blocked more than 26 million e-mail-oriented viruses in June, representing a 4 percent decrease compared with May, and continuing a decrease in the sheer number of those types of attacks. The drop-off in e-mail threats is directly attributable to malware writers' shift toward attacking other, more vulnerable systems, including IM.
The top five viruses Postini tracked during June were Netsky, Mytob, Mime, Bagle and Mydoom, in that order. The company said its filters intercepted nearly 4.5 million individual Netsky attacks, 3.6 million instances of Mytob, 2.6 million examples of Mime, 2.5 million versions of Bagle and 1.4 million Mydoom threats.