More Malware with PDF Attachments in July
Malware is not giving any signs to stop or to reduce. The volume of new Web-based malware has gone up 28.3% during July 2007 compared to the previous month, according to MessageLabs' Intelligence Report for July 2007. MessageLabs is a leading web security and integrated messaging services provider.
MessageLabs' recent Intelligence Report indicates that the level of new malware has increased by 10% over June-July 2007. It also shows that an average of 989 new malware-hosting sites were blocked each day in July 2007.
According to the research, the worldwide amount of spam mails in total e-mail traffic from bad sources in July 2007 was 71%, which represented a decrease of 1.4% from June 2007. China experienced the most significant levels of spam at 18.3%. MessageLabs' report also shows that in July 2007, Israel continues as the highest spam producing country at 60%. United States followed with 5.9%.
The research further confirmed that the trend continuing from the last month of June 2007 shows that spammers largely preferred PDF attachments in their e-mails. But MessageLabs found that professional spammers are increasingly adopting PDF technique to modify them to avoid detection.
Of the total image spam detected in July 2007, there were PDF files in approximately 20% of them. In some recent instances, the PDF documents were programmed with active 'document protection settings'. These settings are features that enable the spam mails to more easily escape detection by traditional anti-spam scanners. MessageLabs also found that the PDFs contained 'Bayes Poison' - a range of words, randomly selected and generally not found in a standard spam mail. This is the spammers' added tactic to elude detection.
Though in past, PDF files were a trusted e-mail attachment, it has now started to be used much more for sinister operations, said Mark Sunner, chief security analyst at MessageLabs. MarketWire published Sunner's statement on July 31, 2007. With malware increasing by nearly 10% in July 2007, the PDF threat is likely to get more malicious with spammers embedding malware in this type of attachment from where it would automatically download onto the infected computer, Sunner added.
Related article: More Requests For Better E-Mail and Spam Control
» SPAMfighter News - 09-08-2007