With spam continuing to represent the distribution vector of choice for the majority of cybercriminals, it shouldn't be surprising that the volume of malicious spam campaigns is proliferating.
In a recent blog post, researchers from Commtouch have summarized their observation status on the malicious spam campaigns from last month, namely, UPS/FedEx, Map of love and Hotel charge error and pointed out that someone is actively building crimeware-friendly botnets:
"Pre-outbreak levels varied between a few hundred million emails to around 2 billion per day. The peak outbreak included distribution of nearly 25 billion emails with attached malware in one day."
Malware campaigns have cyclical pattern of distribution, namely, cybercriminals constantly rotate and introduce new topics, once the lifecycle of the previous campaign have reached the maturity stage. Meanwhile, users continue interacting with spam emails, clicking on links, downloading attachments and unsubscribing themselves, prompting the success of spam in general.
Now, that the cybercriminals have set up the foundations for their botnet aggregation practices by spamvertising billions of emails, it's worth keeping an eye on the actual response rate of the command and control servers used in the campaigns in order to roughly estimate the damage caused by the campaigns.