A group of internet security and instant messaging (IM) providers have teamed up to detect and thwart the growing threat of IM and peer-to-peer (P-to-P) viruses and worms.
The consortium, led by corporate IM software vendor IMlogic, is setting up a threat centre to analyse and warn against the vulnerabilities. It is offering free alerts and email notifications of risk assessments and threat management for subscribers.
The group also includes security companies McAfee and Sybari Software, and leading IM providers Yahoo, America Online and Microsoft.
IMlogic said they will be working together, along with other industry partners and security experts, to monitor and detect security risks to IM networks, as well as unwanted content such as spam over IM.
The group's formation follows evidence that security threats against IM and P-to-P networks are growing. Internet security firm Symantec estimated that viruses and worms on IM and P-to-P networks grew 400 percent between 2002 and 2003. This year it has seen continued threats, including some targeted against the MSN Messenger and ICQ instant messaging systems.
Furthermore, a list of the top security vulnerabilities recently released by the SANS Institute saw both file sharing and IM vulnerabilities entering the top 10 as new categories of risk.
"IM and P-to-P viruses and worms aren't as widespread as those in email but they are definitely a threat to a lot of people," said Carole Theriault, a security consultant at Sophos.
Smaller companies are particularly at risk because they often focus on using antivirus software to protect their email but overlook using firewalls to guard their servers and desktops, Theriault said.
In addition to viruses targeted at IM, malicious code is also often spread through messaging, allowing it to be easily obtained and tweaked by amateur virus writers to produce myriad and hard-to-track variants of threats, according to Theriault.
IMlogic's consortium is hoping to get a better idea of the kinds of security vulnerabilities lurking on IM networks through global monitoring and broad industry feedback.
The effort is being coordinated at the IMlogic Threat Center, which is on the company's website at www.imlogic.com. Internet users can also sign up for threat alerts at the site.
Three high-risk and three medium-risk virus alerts had already been posted at the threat centre on Tuesday.