FYI...

- http://www.internetnews.com/xSP/article.php/3635106
September 29, 2006
"Instant messaging security firms are reporting a dramatic rise in the number of attacks. Akonix Systems* said the month of September holds the dubious distinction of having the most attacks in any month this year at 64. The September figure follows a disastrous August in which Akonix reported a 200 percent increase in the number of IM vulnerabilities. FaceTime Security Labs** is also reporting a surge in the number of IM threats. It discovered 87 threats on IM and IRC-based networks in September... As with e-mail-borne worms and viruses, threats are now also motivated primarily by financial gain, instead of fame or vandalism..."

* http://www.akonix.com/news/press_releases_2006/09282006.asp

** http://www.facetime.com/securitylabs/imp2pthreats.aspx

FYI...

- http://www.symantec.com/security_response/writeup.jsp?docid=2006-101314-0913-99
Discovered: October 13, 2006...
Type: Worm
Systems Affected: Windows 2000, Windows 95, Windows 98, Windows Me, Windows NT, Windows Server 2003, Windows XP
> W32.Imaut.D is a worm that propagates via Instant Messaging applications.
Symantec Security Response is currently investigating this threat and will post more information as it becomes available..."

- http://www.facetime.com/securitylabs/imp2pthreats.aspx
" 10.13.06 W32/Sdbot-CSF IRC
- 10.13.06 W32/Kelvir-CG MSN Messenger
- 10.13.06 W32/Sdbot-CSE IRC ..."

FYI...

Phishers hijack IM accounts
- http://news.com.com/2102-7349_3-6126367.html?tag=st.util.print
Oct 16, 2006
"In a twist on phishing, cybercrooks are hijacking instant-messaging accounts to lure people to their information-thieving Web sites. Traditional phishing scams send out spam e-mail that contain links to fraudulent Web sites. These sites try to trick people into giving up sensitive information, such as a credit card details, Social Security numbers or login credentials for online services. In a tactic that includes a cocktail of online attacks, scammers are now also commandeering IM accounts to spread their bait. The mix of attacks used includes account hijacking, phishing and SPIM, or spam-via-instant-messaging.
In one example, a Yahoo employee on Friday found that scammers had used her account to send a link to a phishing Web site to her Yahoo Messenger contacts. The miscreants had gotten hold of the employee's login credentials, probably through another scam that she had fallen for, the company said. The link led to a site hosted on Geocities, Yahoo's free Web space service. The fraudulent site looked just like a Yahoo Photos Web site and asked visitors for their Yahoo login information. Yahoo took the scam site down on Friday morning.
"These hackers are super-devious, and we try to stay as much ahead of them as we can, but it is an industrywide issue," a Yahoo representative said Monday... People should know not to blindly trust links received in IM, [u]even if the link comes from a friend]/u]. Such links could be part of an IM worm or, as happened on Friday, bait for a phishing scam. Yahoo in August launched a new security feature that lets people customize their login page, a measure designed to thwart phishing scams. The feature requires people to create a unique "sign-in seal" on a specific PC. This seal--a text message or photo--will be displayed on the Yahoo login page when visited..."
Tip:
"Set your chat software to refuse file transfers without prompting first. File transfer within chat programs is a means to distribute malware such as worms, viruses, and Trojan horses. Refer to your chat software vendor's help files to learn how to configure your program for maximum security."