Explore the latest news and trends  

Keep yourself up to date with one of the following options:

  • Explore more news around Spam/Phishing, Malware/Cyber-attacks and Antivirus
  • Receive news and special offers from SPAMfighter directly in your inbox.
  • Get free tips and tricks from our blog and improve your security when surfing the net.
Go

Email-Borne Malware Rose by 400% following the Rustock Shut down

On April 12, 2011 Commtouch security firm has come up with its quarterly Internet Threat Report which covers phishing, malware, web threats and spam. The report stated that malware circulated through e-mails is augmented by 400% during the concluding week of March 2011.

This major rise was found two weeks subsequent to the Rustock botnet takedown which leads to a 30% reduction in spam volume.

As per the report, in the last two years (2009-2010), virus distribution has reduced their usage of email attachment as a method of malware circulation. The concluding week of March 2011 witnessed high levels of emails with malware attachments.

The malware came in the form of forged UPS parcel tracking information. Email subjects vary from "United Parcel Service notification" and then changed to feature DHL related titles.

The attached zip file extracted to an executable- but with a PDF icon. The functions of malware include emailing more copies of it, installing additional files, and as per few reports, compromising banking details.

As stated in the report, February 2011 gives an example of email attached malware. The text of email states that, the PDF attachment is coming from a "Xerox WorkCentre Pro", a copier/scanner/printer used in offices. Commtouch called this harmful PDF as PDF/Expl.IQ.

Recipients who opened the file would not see anything- there is no text or image content displayed. The PDF file includes JavaScript that attacks several vulnerabilities in PDF reader applications. All these files have been patched in the latest versions of Acrobat Reader.

The report states that after the malware ridden PDF reader application is effectively exploited, a novel piece of malware is taken from the Internet and then uploaded on the compromised machine, making it further vulnerable to other types of attacks.

Moreover, Zombie activity reduced tremendously after Rustock was taken down, but large increases of enslaved systems became evident after the malware outbreak at the end of the quarter (Q1 2011).

Besides, the report states that attempts by hackers to save money by their online presence in rubbish forums or utilizing online form-filling services in order to make the compilation of phished user information easy.

Related article: Email Security – A Big Challenge to Companies & Individuals

» SPAMfighter News - 20-04-2011

3 simple steps to update drivers on your Windows PCSlow PC? Optimize your Slow PC with SLOW-PCfighter!Email Cluttered with Spam? Free Spam Filter!

Exchange Anti Spam Filter
Go back to previous page
Next