Malicious threats and vulnerabilities in instant messaging presented at Virus Bulletin 2003

by Eric Chien (Symantec),


Summary : Malicious threats and vulnerabilities in instant messagingInstant messaging is an up-and-coming threat as a carrier for malware. More and more
people are using instant messaging, both for personal and business reasons. Instant messaging
networks provide the ability not only to transfer text messages, but also transfer files.
Consequently, instant messengers can transfer worms and other malware.Furthermore, multiple vulnerabilities have been discovered and have yet to be discovered in
instant messaging clients. Such vulnerabilities not only give hackers remote access, but also
provide access to fast spreading blended threats. Current blended threats are limited by their
ability to find vulnerable hosts, but with instant messaging buddy lists, finding vulnerable
hosts becomes significantly easier resulting in a blended threat that may propagate faster than
Code Red and Slammer.This paper will discuss current and future threats to the various instant-messaging networks
including how the major instant messaging networks operate. We will also demonstrate a variety
of live attacks against instant messaging including hijacking and monitoring entire instant
messaging sessions, unauthorized remote access and control, and blended threat and classic
worm propagation.
Finally, current and future solutions will be discussed for the various threats
including how a company can secure instant messaging communication.