Malware, spam, botnets growing faster than ever before
- 25 June, 2008 11:23
The spam and malware tsunami continues to cast a mounting shadow over the Internet this week.
An announcement from F-Secure warned that malware is growing faster than ever before, while Marshal's TRACE team claims that the volume of malicious spam in circulation has more than tripled in one week.
Marshal fingered the Srizbi botnet as the chief culprit, currently responsible for 46 percent of all spam sent, helping malicious spam figures jump from 3 to almost 10 percent of all spam traffic so far in June.
TRACE team lead threat analyst, Phil Hay, said that Srizbi's criminal controllers are currently on a major expansion drive.
Srizbi is duping recipients by including the first part of their e-mail address in the subject line with the suggestion that they look "stupid" in a video, luring them to a Web site to view the video where they are exposed to malware.
Marshal said Srizbi is also targeting social networking sites like Classmate.com, luring victims to dodgy sites with the promise of messages from long lost school friends. A Flash video player link is presented to the victim, which downloads an executable file that infects their computer.
"This kind of social engineering tactic is nothing new," said Hay.
"What is significant is the rapid increase in the volume. It once again demonstrates the incredible power and dominance that the major spamming botnets have over email traffic. Very few legitimate businesses could triple their e-mail capacity at the push of a button. But this is the advantage that the illegal control of thousands of computers gives the spammers.
"We see Srizbi as one of the biggest threats to Internet users today. Users should be wary of emails that make personal offers such as online friend connections or include inflammatory personalised subjects such as 'you look stupid in this video', particularly if they don't recognise the sender," he said.
According to F-Secure's security summary for the first half of 2008, the unprecedented growth in malware is due to the packing, encryption, and obfuscation of existing families of trojans, backdoors, exploits and other threats now being done with "industrial efficiency".
The number of malware detections has grown by almost half a million since the end of the year, jumping from 500,000 total detections to 900,000.
"I have a nasty feeling that the situation is getting worse, not better", says Mikko Hypponen, chief research officer for the security vendor.
F-Secure cited targeted malware attacks such as the classmates.com con that Marshal reported as key growth areas for dodgy software peddlers over the past six months.
Targeted malware attacks typically involve the attacker profiling their victim and sending an e-mail using the recipients name, title, job function and a subject field related to the victim's position in order to trick them into opening something they would normally expect to receive via e-mail.
Targeted malware attacks against political or military organisations also increased, such as an e-mail attack against human rights and pro freedom of Tibet groups that aimed to install malware on their PCs that would allow their political opposition to spy on their actions.
F-Secure's half-yearly security summary also looked at emerging mobile phone threats such as Jailbreaking, growth in SQL injection attacks, and the risks emerging around third party applications like Adobe Flash. The summary can be viewed here.