Email-Borne Malware Rose by 400% Following the Rustock Shutdown
On April 12, 2011, security firm Commtouch released its quarterly Internet Threat Report, which covers phishing, malware, web threats and spam. The report stated that malware circulated through emails increased by 400% during the final week of March 2011.
This major rise came two weeks after the Rustock botnet takedown, which led to a 30% reduction in spam volume.
According to the report, over the last two years (2009-2010) virus distributors had reduced their use of email attachments as a method of malware circulation. The final week of March 2011, however, witnessed high levels of emails with malware attachments.
The malware came in the form of forged UPS parcel tracking information. Email subjects included "United Parcel Service notification" and later changed to feature DHL-related titles.
The attached zip file extracted to an executable, but one with a PDF icon. The malware's functions include emailing more copies of itself, installing additional files and, according to a few reports, compromising banking details.
The report also gives an example of email-attached malware from February 2011. The text of the email states that the PDF attachment comes from a "Xerox WorkCentre Pro", a copier/scanner/printer used in offices. Commtouch identified this harmful PDF as PDF/Expl.IQ.
The report states that once the malicious PDF successfully exploits the PDF reader application, a new piece of malware is downloaded from the Internet and placed on the compromised machine, leaving it vulnerable to further types of attack.
Moreover, zombie activity dropped sharply after Rustock was taken down, but large increases in enslaved systems became evident after the malware outbreak at the end of the quarter (Q1 2011).
The report also describes attempts by hackers to save money by placing their online presence in rubbish forums, or by using online form-filling services to make the compilation of phished user information easy.
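A mail gateway can catch this kind of attachment by comparing what each zip member claims to be with what it contains. The following is an added example, not taken from the Commtouch report: the function names, extension lists and sample archive are constructed for illustration, and the icon itself (stored in the executable's resources) is not inspected.

```python
import io
import zipfile

# Extensions Windows runs directly (constructed, non-exhaustive list).
EXECUTABLE_EXTS = {".exe", ".scr", ".com", ".pif", ".bat", ".cmd"}
# Extensions a recipient expects to be a harmless document (constructed list).
DOCUMENT_EXTS = {".pdf", ".doc", ".xls", ".txt", ".jpg"}


def suspicious_members(zip_bytes):
    """Return (member name, reason) pairs for executables found in a zip attachment."""
    findings = []
    with zipfile.ZipFile(io.BytesIO(zip_bytes)) as archive:
        for info in archive.infolist():
            if info.is_dir():
                continue
            name = info.filename.lower().rstrip(" .")  # Windows ignores trailing dots/spaces
            with archive.open(info) as member:
                is_pe = member.read(2) == b"MZ"  # DOS/PE header magic
            parts = name.split(".")
            ext = "." + parts[-1] if len(parts) > 1 else ""
            if is_pe and ext not in EXECUTABLE_EXTS:
                findings.append((info.filename, "PE content under a non-executable name"))
            elif ext in EXECUTABLE_EXTS and len(parts) > 2 and "." + parts[-2] in DOCUMENT_EXTS:
                findings.append((info.filename, "double extension hides an executable"))
            elif is_pe or ext in EXECUTABLE_EXTS:
                findings.append((info.filename, "executable inside an archive attachment"))
    return findings


def build_sample_zip(members):
    """Build an in-memory zip from {name: bytes}; used only for constructed samples."""
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as archive:
        for name, data in members.items():
            archive.writestr(name, data)
    return buf.getvalue()


if __name__ == "__main__":
    # Constructed sample: harmless bytes that merely begin with the "MZ" magic.
    sample = build_sample_zip({
        "UPS_tracking.exe": b"MZ" + b"\x00" * 62,
        "invoice.pdf.exe": b"MZ" + b"\x00" * 62,
        "readme.txt": b"plain text",
    })
    for name, reason in suspicious_members(sample):
        print(f"{name}: {reason}")
```

Password-protected archives cannot be opened this way and need a separate policy, such as quarantining them.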
» SPAMfighter News - 20-04-2011