Malware Attack Targets US Schools & Government Organizations
According to security firm MessageLabs, with the reopening of schools in the US in early September 2008, security experts started detecting malware attacks waged through e-mail targeting schools and a number of state government agencies, particularly in Virginia, Hawaii, Illinois and New Mexico.
Further, the attacks comprised over 1,000 e-mails from just 15 IP addresses; a majority of them were traced to the former Soviet Union. These addresses were consumer based indicating that the attacks were launched from a botnet that possibly seeks to expand. As per MessageLabs, these attacks possibly deploy the anti-virus XP 2008 malware.
It is found that cyber criminals are emphasizing on attaining high quality for their campaigns by using native language in localized spam mails. These messages, which are based on fragmented e-mail database, pertain to specific sectors that the spammers have already purchased.
Nevertheless, in the current attack, the criminals appear to have underestimated the personalized touch in the e-mails. In spite of obvious fragmentation of probable victims OF the spam, the criminals have been using social engineering techniques that are more appropriate for a big scale of malware campaign.
Besides, much more sophisticated variant of the current attack from the perspective of social engineering relates to 'spear phishing'. Spear phishing, according to security firm iDefense, is escalating, with certain groups are specializing in attacking high-profile targets.
Moreover, those victimized in the current attacks include Fortune 500 companies, financial institutions, legal firms and government agencies. Also, the attacks look to reach corporate banking database, customer information and other details to facilitate cyber-crime. As per reports, two groups of hackers have launched 95% of these assaults.
According to Paul Wood, Senior Analyst, MessageLabs, the company anticipates a rise in malware and spam once schools' session resumes. The education section is frequently targeted in the hope that teachers and students can be caught off guard. Moreover, the con artists know that security software would block executable attachments coming via e-mail; therefore, they are diligently including e-mail links pointing to Web-hosted malware, as reported by SecurityProNews on September 16, 2008.
Related article: Malware Authors Turn More Insidious
» SPAMfighter News - 25-09-2008