Security labs record surge in malicious spam over past week. Reasons unknown

News by Dan Raywood

A rise in spam has been noted by two security labs in the past week.

M86 Security noted a huge surge of malicious spam that it said far exceeds anything it has seen over the past two years. Its research found that last week malicious spam made up at least 13 per cent of the total spam volume, which it said was unusual; that figure then spiked to 24 per cent yesterday.

Security vendor Commtouch also noted a 500 per cent increase in the level of spam seen. It added that most of the spam contained fake shipping confirmations, which often told recipients that they had an undelivered package and had to fill in an attached file.

M86 Security said that the majority of the malicious spam comes from the Cutwail botnet, although Festi and Asprox are among the other contributors.

It also said that the malware is attached as a compressed ZIP archive and is a Trojan that downloads additional malware, including fake anti-virus, SpyEye and the Cutwail spambot itself.

Daniel Axsäter, chief executive officer of CronLab, told SC Magazine that it was seeing a surge of email-based malware that started two weeks ago, with a sharp increase in instances last week.

“Over half of the viruses we see are from zip files, clearly trying to trick the end users into believing they are real. As so often before, many of the viruses come hidden as shipping notifications, mainly from UPS but also pretending to be from DHL and FedEx,” he said.

“The subject lines also contain a fair amount relating to credit card block warnings etc. Our advice to clients is, as always, to make sure to scan the emails for viruses before you retrieve them to ensure you don't get infected.”

