Security researchers analyzing spam and virus activity in third quarter 2010 saw an uptick in virus activity, hinting at new botnets on the rise.
Spammers are bombarding users with malware-laden spam in order to build up
new botnets, just in time for the holiday season, security researchers said
Oct. 19.
The Google Postini Services team analyzed spam and virus data collected
during the third quarter by Google's security and archiving services, powered
by Postini. The results, posted on the Google Enterprise Blog, found an
abnormally high volume of virus activity in August while overall spam dropped
July to September after several botnets were shut down.
There was a 241 percent increase in virus volumes in August over July and
nearly double the volume from August 2009, wrote Adrian Soghoian and Adam
Hollman. In comparison, spam volume was relatively constant during the
quarter, with dips in August and September, according to the post. Virus
activity was also high: 188 million viruses were blocked in a single day, a
record, noted the researchers.
August also had the greatest recorded surge in viral activity since 2008,
far surpassing October 2009 when Mega-D infected more than 250,000 computers
worldwide before being shut down, Soghoian and Hollman wrote.
The recent increase in viral activity could be a sign that spammers are
building new botnets by taking over more computers, just in time for the holiday
sales and increased online shopping, speculated the researchers. Consumers will
be looking for deals and discounts and shopping more online, and may be
particularly vulnerable to shopping-related scams.
Security researchers have often seen a correlation between spam, malware
campaigns and seasonal consumer spending patterns, according to the post.
The researchers said the scammers continue to use familiar tactics,
including spoofing major brands, celebrity gossip and fake financial
transactions in their virus-laden messages. There was also a new tactic:
previously sent e-mails were taken from the hard drives of infected computers
and resent, fooling many recipients because the wording and content were
familiar.
Other malware trends in September included an increased number of .zip and
.html attachments containing malicious JavaScript code, and shortened URLs
linking back to malicious Websites. Spammers exploit the fact that users have
grown used to seeing URLs on their social networks that mask the final Website
address, and trick them into clicking harmful links.
There was also an upswing in the number of Non-Delivery Report/Receipt
messages with malicious JavaScript embedded, the post said. As a
"hybrid" between virus and spam messages, these attacks directed
users to a malware site or stealthily downloaded software in the background.
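One way a mail filter could check for the three delivery patterns described above (script inside .zip/.html attachments, shortened URLs, script inside NDR messages), as an added example that is not from the Postini post. The shortener list, the indicator names and the `sample_ndr` message are constructed assumptions, and flagging `.js` archive members goes slightly beyond the cases the post names.

```python
import io, re, zipfile
from email.message import EmailMessage

SHORTENERS = {"bit.ly", "tinyurl.com", "goo.gl", "t.co", "ow.ly", "is.gd"}  # assumed list
URL_RE = re.compile(r"https?://([^/\s\"'<>]+)", re.I)
SCRIPT_RE = re.compile(rb"<script\b", re.I)
MAX_MEMBER = 1 << 20  # skip archive members over 1 MiB (zip-bomb guard)

def has_script(name, data, depth=0):
    """True if an .html/.js payload, or such a member of a .zip, carries script."""
    name = name.lower()
    if name.endswith(".zip") and depth < 2:  # bounded recursion into nested archives
        try:
            with zipfile.ZipFile(io.BytesIO(data)) as zf:
                return any(has_script(i.filename, zf.read(i), depth + 1)
                           for i in zf.infolist() if i.file_size <= MAX_MEMBER)
        except (zipfile.BadZipFile, RuntimeError):  # corrupt or encrypted archive
            return False
    return name.endswith(".js") or (
        name.endswith((".html", ".htm")) and bool(SCRIPT_RE.search(data)))

def triage(msg):
    """Return the set of indicator names found in a parsed message."""
    hits = set()
    is_ndr = (msg.get_content_type() == "multipart/report"
              and str(msg.get_param("report-type", "")).lower() == "delivery-status")
    for part in msg.walk():
        # Multipart containers decode to None, so they fall through with no hits.
        data = part.get_payload(decode=True) or b""
        if has_script(part.get_filename() or "", data):
            hits.add("script-in-attachment")
        if part.get_content_maintype() == "text":
            if is_ndr and SCRIPT_RE.search(data):
                hits.add("script-in-ndr")
            for host in URL_RE.findall(data.decode("utf-8", "replace")):
                if host.lower() in SHORTENERS:
                    hits.add("shortened-url")
    return hits

def sample_ndr():
    """Constructed sample: a fake bounce with a scripted HTML part and a short link."""
    msg = EmailMessage()
    msg.set_content("Delivery failed. Details: http://bit.ly/constructed")
    msg.add_attachment(b"<html><script>/* constructed */</script></html>",
                       maintype="text", subtype="html", filename="report.html")
    msg.set_type("multipart/report")
    msg.set_param("report-type", "delivery-status")
    return msg

if __name__ == "__main__":
    print(sorted(triage(sample_ndr())))
```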
"As always, be on the lookout for suspicious email language and
exercise extreme caution when clicking on links," cautioned the post.