Spam campaigns increase malware activity

September 9, 2009

Malware activity was on the rise in August due to several spam campaigns and increasing levels of software vulnerabilities marked by critical in-the-wild exploits.

Network security and unified threat management (UTM) solutions specialist Fortinet released its latest security report, which highlighted the ZBot variant that surpassed the previous worms Sober in 2006, the Storm worm in 2007 and rogue security software in 2008.

ZBot variants flooded cyberspace on July 24 at record levels. One came through HTML/Agent.E, an email attachment that used the ever-popular eCard hook to potentially steal and sell personal consumer information. An additional ZBot variant made it to the top 10 malware list, yet even with such high activity rates, ZBot still did not take the top position. Instead, the online gaming trojan W32/OnlineGames.BBR maintained its first-place position for the third consecutive month.

Another ZBot variant made our top 10 this month: W32/Kryptik.E. Adware continued to be distributed through DHL invoice campaigns, as can be observed with the Bredolab trojan (detected as W32/Bredolab.AI!tr and HTML/Agent.Q!tr).

“Threat activities for this month involved a few well-known schemes that are up to some new tricks, a good indication that cyber criminals were not pulling out all the stops, but they certainly were not taking a break during summer vacation,” said Derek Manky, Project Manager, cyber security and threat research, Fortinet. “With criminals counting on consumers to fall for virtually the same old tricks, it cannot be stressed enough that we need to know whom and what to trust – this is an important element to a robust security model.”

While the popular eCard social engineering campaign continued to prey on the innocent, this month’s report highlighted a new money mule scheme. Using a fake job advertisement, this plays on a legitimate company name and the desperation of victims to make a quick buck in a money-laundering scheme. Israel entered the top five region list for receiving high spam volume, while the US, Japan and France accounted for the remaining share of detected spam.

The job description in “Accounts Receivable” involves forwarding 90 per cent of funds to a branch office, whilst keeping the remaining 10 per cent of funds for yourself as commission. In reality, cyber criminals often need a way to transfer money, and the money mule is a favoured way to do so.

Global spam rates remained relatively consistent this period, and regional activity evened out, with the USA, Japan and France accounting for a similar share.
