Instant-messaging threats are mutating at an alarming rate, as virus writers attempt to bypass security-system updates that corporations use for protection, a security vendor said Tuesday.
A record number of IM threat mutations have been recorded by IMlogic Inc., which has found that 88 percent of all worms tracked by its threat center also have mutations. The worst chameleon is the Kelvir worm, which has mutated 123 times during the last 11 months, the Waltham, Mass., vendor said.
Kelvir accounts for 41 percent of mutations delivered only by IM, followed by Bropia with 10 percent and Opanki with 8 percent, IMlogic found.
The mutations, combined with the increasing sophistication of the malware, have created threats more capable of installing viruses on desktops, disabling security software and capturing personal information from computer users, the company said.
"IM threats are different than email threats," Art Gilliland, vice president of product for IMlogic, said. "Updating virus signatures doesn't work well for IM, because the mutations are exceedingly fast and so is the speed with which these threats propagate."
Instead, security experts recommend technology built for IM security that's similar to a network intrusion detection system. Such an IM system would look for anomalies pointing to an attack.
"You need something that is familiar with, and cognizant of the IM traffic,' Gilliland said.
In addition, any product would need to be connected to a large corporate community to share information on newly discovered viruses and other threats.
This year, 62 percent of mutating IM threats targeted Microsoft Corp.'s MSN instant-messaging network, 25 percent America Online Inc.'s and 8 percent Yahoo Inc.'s.
In October, more than 70 percent of worms identified by IMlogic were capable of disabling existing desktop security software and undermine traditional anti-virus detection.
Earleir this month, IMlogic reported that the number of instant messaging-oriented attacks climbed by 30 percent over September's.