1 week ago
Spam levels down, then up, in Symantec monthly report
Emailers around the world celebrated a 65-percent reduction in spam in their mailbox last month, but now, according to Symantec, the spam is back. According to Symantec's monthly Start of Spam report, it's already regained most of its previous strength. On November 11, several network providers shut down McColo.com's Internet access, cutting off spammers' ability to control much of the Rustock and Srizbi botnets. The Symantec probe network saw a 65-percent drop in spam within 24 hours. But Symantec Manager of Business Intelligence Dylan Morss, recently writing in a company blog, reports that it didn't last. "At this point, spam volumes have slowly crept back up to 80 percent of their pre-McColo shutdown levels," he reports. The cause? "Old botnets are being brought back online and potential new botnets are being created." Spam is now coming from all over the world, with the bulk originating in Brazil (22 percent), Russia (14 percent), the United States and Turkey (12 percent each), and China and India (11 percent each).
1 week ago
90% of worldwide e-mail is a spam, warns Cisco Report
As long as cyber crime groups pursuing profiteering through the Internet are improving their skills so as to steal data from businesses, employees and consumers their online attacks are getting more sophisticated and harder to oppose, as noted in the 2008 edition of the Cisco® Annual Security Report released this week. In its annual edition Cisco points out to the top security threats of the year providing recommendations on how to protect networks against attacks. This year the overall number of disclosed vulnerabilities grew 11.5% above 2007. Cisco notes that vulnerabilities in virtualization technology nearly tripled from 35 to 103 on a year-over-year basis. Attacks are becoming increasingly blended, cross-vector and targeted. Threats coming from legitimate domains rose 90% which is nearly double of what was observed a year ago. Meantime, malware infiltrated via e-mail attachments is decreasing in number. Within the period of the last two years the number of attachment-based attacks dropped 50% as compared with the previous two years of 2005 and 2006. Cisco warned against some specific threats that flooded the web space reporting that the number of spam messages sent daily makes up for 200 billion constituting thus 90% of the worldwide e-mail. While targeted spear-phishing represents about 1 percent of all phishing attacks, it is expected to become more prevalent as criminals personalize spam and make messages appear more credible. The growing danger is also being posed by botnets which are heavily deployed today by cyber criminals. Multiple legitimate web sites were infected this year with IFrames, malicious code injected by botnets that redirect visitors to malware-downloading sites. The use of social engineering to entice victims to open a file or click links continues to grow. More online criminals are using real e-mail accounts with large, legitimate Web mail providers to send spam.
2 weeks ago
The Internet's "Naughty Nine" Malware Threats of 2008
Once again, the bad guys went after the curious, gullible and careless with lots of Web malware. Particularly malevolent were the attacks that relied on readers' enthusiasm for all things Barack Obama, and their distress over the credit crisis. Below is a list of the most notable malware attacks in 2008, at least so far. The ‘Naughty Nine’ and their descriptions are courtesy of MessageLabs, a security company that is now part of Symantec. Storm worm -- Storm was among the most aggressively spread malware of 2008. It enabled the formation of one of the largest botnets in history, estimated at 2 million compromised computers around the world at its peak. Search Engine spam -- In early 2008, spammers begin abusing search engine redirects, a technique allowing them to include a link from a search engine query within an email message. The link resolves to the spammers forged web site meaning that spammers could send messages without directly mentioning the spam web site thereby bypassing traditional anti-spam detection mechanisms which typically will not flag legitimate search engine sites as malicious links. CAPTCHA Breaks -- Hackers first broke webmail CAPTCHAs (Completely Automated Public Turing Test to tell Computers and Humans Apart) in February 2008. Once in, they were able to abuse free email services to send copious amounts of spam. As 2008 wore on, CAPTCHA breaking techniques continued to increase in sophistication and became the key to the spamming kingdom. Targeted Trojans -- Although they have been around for several years, new versions of Targeted Trojans are continuously evading Anti-virus systems due to their variation in code. The most memorable Targeted Trojans of 2008 spoofed a U.S. consumer advocacy site and the Olympic organizers. Since the beginning of 2008, targeted Trojan attacks have increased to approximately 80 per day. Web-based malware -- In April, cybercriminals used Web-based malware to take advantage of the opportunity to capitalize on computer users’ unfamiliarity with web-borne attacks. In July 2008, the number of new, malicious web sites blocked each day rose by 91 percent, taking the threat to its highest level. This surge was due to due to the number of websites linked to SQL injection attacks, where malicious JavaScript is downloaded to a visitor via the use of [removed] HTML tags. Hosted Applications Spam -- In May 2008, spammers uncovered the perfect way to spam using links to hosted online documents created under accounts with a major hosted applications service provider, which are not blocked by traditional spam filters. Srizbi -- Estimated at more than 1.3 million infected computers, Srizbi was responsible for 50 percent of all spam in 2008. It was the botnet behind “Reactor Mailer” spamware and also the botnet that spurred phishing scams spoofing some banks, marking a shift toward targeting smaller state banks and credit unions. Obama spam -- 2008 being an election year, political spam was rampant. Two bouts of spam used President Elect Barack Obama to lure recipients’ attention. The first spam cluster purported to sell watches or pills but spoofed email addressed from the following domains: barackobamaismyhomeboy.com and barackobamaisyournewbicycle.com, a popular website that intended to honor the presidential candidate’s altruism. The second run of Obama-related spam foreshadowed the outcome of the election using Obama subject lines 85 percent of the time and subject lines with McCain references 15 percent of the time. Credit crisis phishing scams -- As the credit crisis worsened, MessageLabs saw an increase in phishing attacks largely spoofing banks, in September and October. Between August and September, phishing attacks rose by 16 percent and by 103 percent between September and October. The subjects of the attacks were national banks and global banks, smaller state banks and credit unions and online retail sites. As change prevailed through the latter part of 2008, scammers took advantage of the frenzy surrounding the mergers and bailouts.
2 weeks ago
Kiwis nail a Mr Big of the spam world
A New Zealand man living in Australia has agreed to pay fines totalling $92,715 after admitting his role in an international spam email operation said to be responsible for sending out billions of unsolicited emails in recent years. Lance Atkinson, 26, of Pelican Waters in Queensland, is also facing charges in the US where a court has frozen his assets at the request of the US Federal Trade Commission (FTC), which also succeeded in having the spam network shut down. New Zealand's Internal Affairs' Anti-Spam Compliance Unit found Lance Atkinson's operation responsible for more than 2 million unsolicited electronic messages that were sent to New Zealand computers between 5 September 2007 and 31 December 2007. These emails marketed Herbal King, Elite Herbal and Express Herbal branded pharmaceutical products, manufactured and shipped by Tulip Lab of India.
2 weeks ago
U.S. Computers Generate Most Malware
American websites host more malware and computers relay more spam than any other country, the latest security report showed. As evidence of this, when an American Internet company, accused of collaborating with spammers and hackers, was disconnected from the net in November, the level of spam staggered down 75 percent. The 'Security Threat Report 2009' was just published by Sophos, the U.K.-based IT security and control firm, which examined the threat landscape over the last twelve months, and predicted the emerging cybercrime trends for 2009. Too many compromised computers "Not only is the U.S. relaying the most spam because too many of its computers have been compromised and are under the control of hackers, but it's also carrying the most malicious Web pages," said Graham Cluley, senior technology consultant for Sophos. "We would like to see the States making less of an impact on the charts in the coming year. American computers, whether knowingly or not, are making a disturbingly large contribution to the problems of viruses and spam affecting all of us today."
2 weeks ago
New law puts 'hefty price tag' on spam
STEVEN CARROLL BUSINESSES FOUND to be sending unsolicited e-mails and text messages could face fines of up to €250,000 under new legislation signed by Minister for Communications Eamon Ryan. The regulations, which come into effect immediately, relate to all unsolicited mail sent by e-mail, text message or fax. Unsolicited mail for direct marketing purposes will be treated as an indictable offence under the legislation. The new laws will allow the Data Protection Commissioner to refer serious breaches of the legislation for prosecution through the Circuit Court, where fines of up to €250,000, or 10 per cent of the offending company's turnover, may be imposed. The number of complaints made to the Data Protection Commissioner in relation to spamming increased from 66 in 2005 to 538 last year. Offenders were previously prosecuted in the District Court where the maximum fine was €3,000. This figure has now been increased to €5,000. Mr Ryan said spam was a serious threat to the internet, posing security risks and that such communications were a serious invasion of privacy. "Unwanted communication, either by e-mail or to a mobile phone is more than a nuisance - it wastes money and energy," he said. "Millions every year are lost to Irish companies through lost productivity as spam clogs inboxes and crashes servers," he said.
2 weeks ago
USA number 1 in malware
A new report has placed the U.S. at the top of the list for most websites hosting malware and the most computers relaying spam emails throughout the world. The spot was previously held by China last year, but due to a multitude of innovative attacks by cybercriminals this year, the U.S. how holds approximately 37 percent of the malware on the web, NetworkWorld.com reports. China hosts 27.7 percent. In terms of malware threats, SQL injection attacks against websites and the emergence of scareware were the biggest ones. The U.S. also distributed the most spam emails than any other country with 17.5 percent. This may come as a surprise to some, given the McColo takedown last month, which assisted dropping the amount of spam by approximately 65 percent, according to the website. As the year draws to an end, spam levels are almost at pre-takedown levels, rendering the McColo shutdown essentially inconsequential.
2 weeks ago
Hackers Acting Faster, Study Concludes
Zero-day malware accounted for 26 percent of blocked threats in November, says web security firm ScanSafe. In its monthly Global Threat Report, ScanSafe said the rate of zero-day malware blocks increased in November to 26 percent of blocks, compared to 16 percent in October. The number is also significantly higher than the 19 percent average reported for the year. In a zero day attack, hackers are faster than software vendors and security providers by exploiting vulnerabilities before vendors have time to fix them. The most recent zero day attack was the Internet Explorer browser exploit. The vulnerability was found and then mistakenly released by Chinese researchers. The result was an explosion of attacks. Microsoft released an emergency patch on Tuesday, 17 December. "Throughout November, attackers were more intent than ever on ensuring the malware they used would bypass traditional security measures," said Mary Landesman, senior security researcher at ScanSafe.
2 weeks ago
Hackers Acting Faster, Study Concludes
Zero-day malware accounted for 26 percent of blocked threats in November, says web security firm ScanSafe. In its monthly Global Threat Report, ScanSafe said the rate of zero-day malware blocks increased in November to 26 percent of blocks, compared to 16 percent in October. The number is also significantly higher than the 19 percent average reported for the year. In a zero day attack, hackers are faster than software vendors and security providers by exploiting vulnerabilities before vendors have time to fix them. The most recent zero day attack was the Internet Explorer browser exploit. The vulnerability was found and then mistakenly released by Chinese researchers. The result was an explosion of attacks. Microsoft released an emergency patch on Tuesday, 17 December. "Throughout November, attackers were more intent than ever on ensuring the malware they used would bypass traditional security measures," said Mary Landesman, senior security researcher at ScanSafe.
2 weeks ago
As phishing evolves, criminals switch to malware
The scammers began to see serious problems with their phishing scams sometime around April. That's when they started realizing that more and more of their phoney "phishing" e-mails were being blocked. Security researchers had spent the previous year closely studying botnet networks of infected computers and they were getting pretty good at blocking many of the fraudulent e-mail messages that were being sent from these systems. This was creating a problem for phishers -- online fraudsters who set up fake Web sites and try to trick victims into visiting them and giving up their user names and passwords. With fewer of their messages getting through, they had to send out more and more spam to work their scams. By August phishing gangs homed in on a new way to make a buck. Instead of asking people to visit a fake Web site, more and more phishers began asking victims to install browser plug-ins or other types of software. To pull this off, they'd send e-mail that comes with malicious software that's supposed to be a security update from a bank. Sometimes they'd simply purchase time on infected botnet computers and install code that steals banking credentials from machines that had already been hacked.
