In its “October Threat Forecast & Report,” security vendor MX Logic reported that 5.14 percent of all e-mails in September contained malware, more than twice August’s percentage and more than five times January’s rate of 0.95 percent. Symantec had similar findings in its October “State of Spam” report, in which the vendor reported that the percentage of e-mails with malicious code multiplied about 12 times between June and September.
“The two largest contributors to this increase in September were e-mails purporting to be an iPhone game and fake FedEx delivery notifications,” said Sam Masiello, vice president of information security at MX Logic.
The fake iPhone game is actually a Trojan, and the bogus FedEx delivery notification e-mails attempt to trick recipients into opening a malicious .zip file attachment. At its peak, the FedEx spam accounted for four out of five malicious e-mail messages processed by MX Logic’s Threat Operations Center.
“It’s unknown which group was sending out the fake FedEx notifications, but it is believed to be the same group who sent out similar messages purporting to be from both DHL [Worldwide Express] and UPS,” Masiello said. “The malware for the fake iPhone games was named by the major anti-virus vendors as being associated with the Srizbi botnet. Several months ago, the Srizbi botnet accounted for more than 50 percent of all spam being sent on the Internet. Although Srizbi is still prevalent, it has been overtaken by the Cutwail/Rustock botnet as it relates to daily mail volumes.”
The Symantec report also noted an increase of zombie activity by more than 100 percent between August and September, reversing a decline that occurred between July and August. The countries with the largest increase in the number of zombies include South Korea, Kazakhstan, Romania and Saudi Arabia. However, both MX Logic and Symantec report the United States still leads overall in spam sent.