Eric Chien Symantec
Neal Hindocha Symantec
Malicious threats and vulnerabilities in instant messaging
Instant messaging is an up-and-coming threat as a carrier for malware. More and more people are using instant messaging, both for personal and business reasons. Instant messaging networks provide the ability not only to transfer text messages, but also transfer files. Consequently, instant messengers can transfer worms and other malware.
Furthermore, multiple vulnerabilities have been discovered and have yet to be discovered in instant messaging clients. Such vulnerabilities not only give hackers remote access, but also provide access to fast spreading blended threats. Current blended threats are limited by their ability to find vulnerable hosts, but with instant messaging buddy lists, finding vulnerable hosts becomes significantly easier resulting in a blended threat that may propagate faster than Code Red and Slammer.
This paper will discuss current and future threats to the various instant-messaging networks including how the major instant messaging networks operate. We will also demonstrate a variety of live attacks against instant messaging including hijacking and monitoring entire instant messaging sessions, unauthorized remote access and control, and blended threat and classic worm propagation.
Finally, current and future solutions will be discussed for the various threats including how a company can secure instant messaging communication.
