Contact Us divider Newsletter Signup divider How to Buy dividerFaceForward Blog
Home | Press Release
Contact Sales

Press Release

FaceTime Releases IM and P2P Malware Findings for 2007

Predicts 2008 Threat Landscape Expanding to Social Networking Sites, Total Number of Greynets to reach 1,000

BELMONT, CALIF. - January 8, 2008 - FaceTime Communications, the leading provider of solutions that control greynets and manage unified communications in the enterprise, today announced its initial findings of 2007 malware trends affecting today's enterprise networks through instant messaging (IM), P2P file sharing and chat applications. During 2007 there were 1,088 incidents reported over all IM, P2P, and chat vectors.

Within the IM category, 19 percent of threats were reported on the AOL Instant Messenger network, 45 percent on MSN Messenger, 20 percent on Yahoo! Instant Messenger and 15 percent on all other IM networks including Jabber-based IM private networks. Attacks on these private networks have more than doubled in share since 2003, rising from seven percent of all IM attacks to 15 percent in 2007.

In 2007 researchers saw a shift in the non-IM vectors used to distribute viruses, malware and spyware. Most notable is the rise in IRC-distributed attacks: in 2006, IRC accounted for 58 percent of attacks, rising to 72 percent by year-end 2007.

"Threats over IM and P2P networks are occurring at an average rate of just over five unique incidents per day," said Frank Cabri, vice president of marketing and product management for FaceTime. "Additionally, social networking sites are increasing in popularity resulting in a corresponding increase in malicious activity targeted at users of these sites."

During 2007, FaceTime researchers noted an increasing use of social engineering to propagate threats across IM networks and Skype, as well as over social networking sites such as MySpace.

Hackers often use social engineering - manipulation with contextual language to trick victims into clicking on links that launch infected files - to propagate malware over IM networks as well as within social networking sites. The files may take the form of multimedia (jpegs or movie files) or traditional executable files. This ranges from an IM appearing to be from a trusted buddy to fake MySpace comments, messages or friend requests.

For example, in September 2007 a virus propagated through MSN Messenger delivering a .zip file full of malicious code. Victims received messages appearing to be from those on their buddy lists saying "Do you remember this girl? I can't believe she took this pic… do you know her?"

In November 2007, a Skype Worm propagated via a message stating "help me find this girl," accompanied by an executable file named "photo," which deposited a large number of infected files on the victim's computer.

Social Networking Security Concerns
According to FaceTime Security Labs, the increasing threat over this past year has been the boldness of a growing underclass of glory hackers on social networking sites such as MySpace. The danger to corporate networks lies within the growing tendency for workers to blur their work and personal lives, often surfing these social networking sites on their work PCs and so exposing the organization to information loss, inbound malware threats and compliance risks.

In November 2007, The Bandjammer Trojan ran rampant through MySpace music profiles. Once a band's MySpace page had been hacked, an invisible background image was created that linked to a dangerous site. Visitors to the hacked profile had their browsers hijacked, with the Trojan installing fake toolbars warning of a possible spyware infection, which included a handy link to click for a free scan which in turn took victims directly to various porn sites.

In the height of the holiday season, many MySpace users received a friend request from a "fake Tom," with the promise of free ring tones. The messages appeared to be from Tom Anderson, president and co-founder of MySpace, who users meet as their first friend when signing up for a MySpace profile. MySpace quickly deleted the fake profiles, but hackers quickly regrouped with new fake profiles sporting Tom's famous profile photo associated with random first names.

For knowledge workers, it is as common to do work at home as it is to conduct personal tasks while at work. According to the recent survey Greynets in the Enterprise: Third Annual Survey of Greynet Trends, Attitudes and Impact, commissioned by FaceTime and conducted by NewDiligence, 85 percent of end users use their work PCs for personal purposes. Users describe looking at interesting sites on the Web (74 percent), banking (60 percent) and shopping (60 percent) as their top online personal activities at work, outside of sending email.

"Many hacks and scams are creeping into the mainstream areas of MySpace and other social networking sites, as the perpetrators become bolder and more aggressive," reports FaceTime's Director of Malware Research Chris Boyd. "The most horrendous content imaginable is now easily stumbled upon via simple redirects and blog hijacks. The myth that you have to ‘go looking for it' has never seemed further from the truth."

Boyd saw an aggressive shift in the hacker behavior over the past year, with a growing underclass of young hackers who don't care about revealing their real identity. "Children as young as 12 years old are sharing professional phishing kits and trading stolen credit card details," said Boyd.

"MySpace and other social networking sites will continue to be the most popular target for hackers, phishers and spammers in 2008 as long as they continue to offer the same level of profile customization to their users," continued Boyd. "It's never a good idea to promote functionality over security, but there's no way MySpace can suddenly change how their site works, causing their users to lose interest in the very things that brought them there in the first place."

2007 research findings and hacker busts from Boyd and other researchers are detailed on the FaceTime Security Labs blog at http://www.blog.spywareguide.com.

Growing Concern over Greynets
According to the GreynetsGuide.com Web site managed by FaceTime Security Labs, there are more than 600 greynets currently in use worldwide. The list includes commonly downloaded applications such as IM and Web conferencing, along with newer plug in-type applications like search engine tool bars and online social networking sites, multimedia distribution portals, IPTV, and Web 2.0 applications. FaceTime expects this number to grow to more than 1,000 by the end of 2008.

The concern over greynets in the enterprise stems from their inherent characteristics: these real-time applications are evasive and always on, and many are structured with a liberal allowance for user customization. These attractive aspects of greynets are the same characteristics that classify them as high security and compliance risks. The nature of these greynets compounds the risks of inbound malware, outbound information leakage and require continual revisiting of network usage and compliance policies.

The uncontrolled use of greynets on enterprise networks has grown significantly over the past year. Most organizations cite between eight and ten greynets operating in their networks, according to the Greynets in the Enterprise survey. This high level of employee usage has increased from 20 percent in 2005 to 41 percent in 2006 to 56 percent in 2007. Employees continue to believe they have the right to download any application they need onto their work PCs (36 percent).

"While many greynet applications have legitimate business uses, there are also many that do not," said Cabri. "Most organizations are not willing to accept the security and compliance exposure resulting from the uncontrolled use of these applications. IT managers need to ensure the safe use of approved applications and effectively detect and block the rogue use of unapproved applications."

About FaceTime Communications
FaceTime Communications enables the safe and productive use of instant messaging, Web usage and Unified Communications platforms. Ranked number one by IDC for four consecutive years, FaceTime's award-winning solutions are used by more than 900 customers - including nine of the ten largest U.S. banks - for security, management and compliance of real-time communications. FaceTime supports or has strategic partnerships with all leading public and enterprise IM network providers, including AOL, Google, Microsoft, Yahoo!, Skype, IBM, Reuters, and Jabber.

FaceTime is headquartered in Belmont, California. For more information visit http://www.facetime.com or call 888-349-FACE. The FaceForward blog, at http://blog.facetime.com, offers thoughts and opinions about the changing nature of Internet communications.

PR Contact:

Emily Chamberlin
650-762-2945
echamberlin@ar-edelman.com


Current Press Releases

Press Release Archives
2007 | 2006 | 2005 | 2004
2003 | 2002 | 2001

In the News Archives
2007 | 2006 | 2005 | 2004
2003 | 2002 | 2001

Customers

Awards & Certifications

Sign up for FaceTime's eNewsletter: The FaceTimes

The FaceTimes Archives

FaceTime Security Labs
Get information on the latest IM, P2P and spyware threats
 
 
Home  | Company  | Solutions  | Products  | Partners  | Support  | News & Events  | Security Labs  | Site Map  | RSS Feeds  | Contact Us
© Copyright 2003-2008, FaceTime Communications, Inc. All rights reserved.   Privacy Policy