While email-borne malware and viruses increased dramatically in May, overall spam volumes remained flat, according to the monthly threat analysis from AppRiver.
malware activity increased in May, sporadically hitting peaks of more than 10
million pieces per day, AppRiver researchers said in its monthly threat-landscape
advantage of major news events to push out new pieces of malware while
cyber-attackers continued to target large companies in May, according to
AppRiver's latest Threat and Spamscape report released June 15.
the death of Osama bin Laden
, a number of malicious
Websites purporting to contain images and video from the Navy SEAL operation
appeared. They were actually downloading malware in the background. Malware
related to bin Laden's death flooded users' email inboxes and Facebook,
according to AppRiver.
still remnants of Royal Wedding-related malware toward the beginning of the
The number of
emails carrying viruses more than doubled for the fifth straight month,
according to AppRiver researchers. In May, more than 102 million email-borne
virus messages were quarantined, an increase of 239 percent over April.
"May 1 was the
largest volume of these messages that we have seen in a single day in nearly
two years," researchers wrote.
A new malware
kit, Weylan-Yutani, appeared for sale in underground forums in May, AppRiver
found. At approximately $1,065, the kit was notable for its ability to
create scripts designed to infect both PCs and Macs. Weylan-Yutani was the
first kit that made it easy to create Mac malware and the authors promised the
ability to create scripts for the iPad and Linux in later versions.
a user can browse past an infected site and become a victim regardless of their
operating system," AppRiver researchers wrote, suggesting that users and systems
administrators keep up with software updates. Echoing the recommendation often
made to secure the enterprise network, the endpoint should also have multiple
layers of security, including antivirus software, and a personal firewall, and
keep the user account separate from the administrator account.
their fair share" of malware, the researchers noted. May was the month fake
antiviruses such as MacDefender, MacProtector and MacShield infected a large
number of Mac users.
remained level this month, except for a spike that corresponded with bin
Laden's killing. Spam levels declined very slightly in April after the
Coreflood botnet was shut down and stayed about the same for most of May. The
amount of image spam declined about 40 percent.
from Asia increased slightly, and for the second consecutive month more spam
originated from Russia than any other country. India, Brazil the United States
and South Korea rounded out the top five.
3, many users received an email in which the sender claimed to be from the
Federal Bureau of Investigation. The messages claimed the FBI had been
monitoring users' browsing habits and accused them of visiting "40 illegal
Websites." Users were instructed to fill out an "attached questionnaire," which
was actually a Bredolab downloader, which would have created a "permanent
backdoor" to the victims' PCs that would be used to install other types of
malware at a future date.
security researchers got their hands on the source code when it was leaked, the Zeus Trojan
"is still around and going
strong," AppRiver said. A Zeus campaign posing as a Microsoft Security Update
appeared on the day Microsoft pushed out its Patch Tuesday updates.
corporate Websites were constantly hit during the month as cyber-attackers
continued hammering away at Sony's Websites as well as other companies such as
Michael's of Chicago, Eidos Games and Fox News. There was "strange network
activity" detected on LastPass servers, causing the site to force all users to
change their master passwords.