A new report exposes a new level in the convergence between spam and viruses through intercepted cyber-criminal activity, while highlighting the increase in spam levels and the emergence of new techniques which have led to decreased rates in traditional virus and phishing threats.
MessageLabs, the web security and integrated messaging services provider to businesses worldwide, has for the first time intercepted emails that are both spam and contain a virus, as announced in the findings of its MessageLabs Intelligence Report for April 2007.
While the cyber-criminals have long used email viruses to create botnets to send spam, this is the first time MessageLabs has seen viruses hidden within stock scam spam. Since 14 April, the vendor said it has stopped thousands of these emails as part the latest phase in Storm Worm activity.
Late this month, the latest strains of Zhelatin also known as Storm Worm were being spammed out in stock pump-and-dump emails, which also contained links to new malware being hosted on websites under the control of the attackers. Purporting to be a screensaver, the malware then drops the Zhelatin MeSpam engine onto the compromised computer. Until now, new versions of Zhelatin have been distributed via botnets to create larger botnets for the purposes of controlling networks of computers for spamming.
“Why use two emails when just one will do? Now we are seeing the bad guys layer on the threats – as if it’s not enough to just scam someone and fill their inbox with junk email, why not also infect and take control of their computer at the same time? These latest techniques are part of a new boldness being shown by certain criminal gangs we are tracking,” said Mark Sunner, Chief Security Analyst, MessageLabs.
“These latest developments also serve to highlight that spam cannot be perceived as just a nuisance and it should be kept away from the desktop. Protection at the Internet level avoids any errors by end-users which could have detrimental impact on a business.”
It also found, the global ratio of spam in email traffic from new and unknown bad sources was 76.1% (1 in 13.1 emails) – an increase of 0.9% on the previous month in April. However, MessageLabs said the figure is considerably higher in real terms, because it is now able to filter out large volumes of known spam from sources such as known botnets. Without filtering out the spam sent via botnets, 83.6% of email traffic would have been identified as spam.
The full report is available at here