Conficker and Waledec lead to increase in spam for first months of 2009

News by SC Staff

Spam continues to evolve in 2009 as cybercriminals use new tactics.

Spam continues to evolve in 2009 as cybercriminals use new tactics.


In its February 2009 Threatscape Report, Fortinet has reported activity by a super worm, an emerging botnet, a mobile threat and a steady upturn in spam.


Derek Manky, project manager of cyber security and threat research at Fortinet, said: “The economy will likely remain a strong theme in upcoming months as cybercriminals tap into fear-mongering tactics to take advantage of the global economic downturn; in the criminal underworld, both online and off, illegitimate jobs are created as legitimate ones are eliminated.


“Mobile threats are also likely to be a recurring theme. We are just starting to see the tip of the iceberg in this threat vector with the latest SymbianOS threat, Sexy View, but we predict much more to come as criminals redirect their focus with the growth of mobile platforms, applications and broader bandwidth.”


It reported that there was a three-fold increase in the number of vulnerabilities although the active exploit rate was down to 25.6 per cent from 30.2 per cent in January. Conficker is still spreading, while the MS08-067 vulnerability was still being exploited.


Meanwhile spam levels in February peaked at 55 per cent of the global email rate, inching back up from a sharp decrease in late 2008. St Valentine's Day saw eCard, phishing and scam emails sent, with the Waledec botnet using a Valentine's Day campaign to dupe users into downloading a malicious executable which was a copy of the Waledac Trojan.


Fortinet reported that the US was the top recipient of malware activity regionally, with 51.07 per cent of worldwide activity, while Japan (42.11 per cent), China (22.26 per cent), India (21.62 per cent) and Canada (19.91 per cent) made up the rest of the top five regions.


Finally Fortinet discovered new variants of Flocker in January that targeted accounts with Indonesian operators. It claimed that the latest SymbOS/Yxes.A threat ‘Sexy View'. is a groundbreaking propagation function as it has the capability to spread through SMS by providing malicious URLs where a bridge is created from mobile telecommunications to the internet. In turn, this opens up a range of possibilities, effectively allowing the authors more control over their creation.


Find this article useful?

Get more great articles like this in your inbox every lunchtime

Video and interviews