Zero Day

Ryan Naraine, Emil Protalinski and Dancho Danchev

Malicious spam campaigns proliferating

By Dancho Danchev | September 21, 2011, 8:15am PDT

Summary: In a recent blog post, researchers from Commtouch have summarized their observation status, and pointed out that someone is actively building crimeware-friendly botnets.

With spam continuing to represent the distribution vector of choice for the majority of cybercriminals, it shouldn’t be surprising that the volume of malicious spam campaigns is proliferating.

In a recent blog post, researchers from Commtouch have summarized their observation status on the malicious spam campaigns from last month, namely, UPS/FedEx, Map of love and Hotel charge error and pointed out that someone is actively building crimeware-friendly botnets:

“Pre-outbreak levels varied between a few hundred million emails to around 2 billion per day. The peak outbreak included distribution of nearly 25 billion emails with attached malware in one day.”

Malware campaigns have cyclical pattern of distribution, namely, cybercriminals constantly rotate and introduce new topics, once the lifecycle of the previous campaign have reached the maturity stage. Meanwhile, users continue interacting with spam emails, clicking on links, downloading attachments and unsubscribing themselves, prompting the success of spam in general.

Now, that the cybercriminals have set up the foundations for their botnet aggregation practices by spamvertising billions of emails, it’s worth keeping an eye on the actual response rate of the command and control servers used in the campaigns in order to roughly estimate the damage caused by the campaigns.

Kick off your day with ZDNet's daily e-mail newsletter. It's the freshest tech news and opinion, served hot. Get it.

More from “Zero Day”

Bank of Melbourne Twitter account hacked, spreading phishing links

Spamvertised 'We are going to sue you' emails lead to malware

Topics

Spam Campaign, E-mail, Spyware, Adware & Malware, Cyberthreats, Blogging, Viruses And Worms, Online Communications, Security, Internet, Dancho Danchev

Dancho Danchev is an independent security consultant and cyber threats analyst, with extensive experience in open source intelligence gathering, malware and cybercrime incident response.

Full Bio
Disclosure
Contact

Vendor HotSpot

The 360° Conversation around Cloud Computing

TECH VISUALIZER brings the social conversation to life... powered by Brocade

Learn More »

Related Discussions on TechRepublic

Did you know you can take part in these discussions with your ZDNet membership?

Ask a Question Start a Discussion

Comments

Add Your Opinion

Join the conversation!

Follow via:: RSS; Email Alert

Just In

So what's next?

js1107 22nd Sep

Great article. It seems like the natural next question is what do we do next? We can't change user behavior -- people are still going to continue interacting with spam email (as you pointed out).

We've written here about Proofpoint, the leader in email security: "When Spam Turns Malicious: What's next?. With Proofpoint, these kinds of attacks can be prevented all together.

View in thread

Please Select
Please Select

0 Votes

+ -

RE: Malicious spam campaigns proliferating

tyvek@... 21st Sep

Need a great Algorithm to analyze the traffic and subject matter in header and block at the gateways. Did that way back with the I love you virus and squashed it right there on the mail server. Never went any farther.

Reply
Flag

0 Votes

+ -

RE: Malicious spam campaigns proliferating

MallusLittera 21st Sep

What is with the ".00" at the end? (i.e.25,000,000,000.00) How can you have a tenth or hundredth of a spam mail? Is that when your aunt sends you that stuff that you just immediately delete? =)