JavaScript Spam and Koobface Trojan on the Rise: eleven Report

Eleven charts showing spam volume and top countries of origin

(WEB HOST INDUSTRY REVIEW) — Four out of five malware-infected emails contained variants of the Koobface Trojan (known also as TR.Crypt.ZPACK.Gen) in the past month, according to the latest email-security report from German e-mail security specialist eleven (www.eleven.de), which also reported a rise in malware using JavaScript.

According to the E-mail Security Report October 2010 from eleven, Koobface first appeared on the social network Facebook, and has now not only spread to other platforms, but has evolved into one of the most widespread email worms.

The malware authors, eleven said, used “classic” methods of spreading the worm such as delivery confirmations from popular courier services, but were also very creative in coming up with tricks that lured users into opening infected attachments – disguising emails to make them appear to be CVs, tax-assessment orders and messages about successfully sent faxes.

eleven reported that, due to the scandal over the controversial comments made by former German Federal Bank executive Thilo Sarrazin, politically motivated spam started to sprout, with messages containing subject lines like “Thilo Sarrazin is right.”

While Sarrazin-related spam was new, Viagra continues to be the top spam topic, despite its share of the total spam sent shrinking significantly to 56 percent. Casino spam, which had almost disappeared after the Mariposa and Waledac botnets had been shut down, again accounted for 10 percent of all spam email.

The proportion of spam containing an HTML attachment that, when opened, runs JavaScript directing the user to the spammer’s target page is on the rise, according to eleven. This tactic can evade spam filters that search for known spam or phishing sites within an email’s contents.

eleven found that this JavaScript trick is used not only for spam and phishing, but also for malware dissemination. When the email is opened in an HTML-enabled email client, the script generates a link to an infected site, which often hosts a page containing an iFrame that loads a Java application. By taking advantage of current security gaps, that application can break out of the protected Java environment and install malware on the computer.
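A mail-gateway check for the HTML-attachment redirect described above, as an added example that is not from the article or from eleven. The function names, the `fax.html` sample and the `.invalid` host are constructed for illustration; the check flags the JavaScript navigation itself, so it does not depend on the destination being a known site.

```python
import re
from email.message import EmailMessage
from html.parser import HTMLParser

# Assignments or calls that navigate the browser away from the opened file.
REDIRECT_SINK = re.compile(
    r"\b(?:window|document|top|self)?\.?location(?:\.href)?\s*=(?!=)"
    r"|\blocation\.(?:replace|assign)\s*\(", re.I)
URL = re.compile(r"https?://[^\s\"'<>]+", re.I)

class ScriptCollector(HTMLParser):
    """Collects the text of inline <script> elements."""
    def __init__(self):
        super().__init__()
        self.in_script, self.scripts = False, []
    def handle_starttag(self, tag, attrs):
        if tag == "script":
            self.in_script = True
            self.scripts.append("")
    def handle_endtag(self, tag):
        if tag == "script":
            self.in_script = False
    def handle_data(self, data):
        if self.in_script:
            self.scripts[-1] += data

def body_urls(msg):
    """URLs visible to a filter that reads only the message body."""
    return URL.findall(msg.get_body(("plain", "html")).get_content())

def redirecting_attachments(msg):
    """Names of HTML attachments whose inline script redirects the reader."""
    hits = []
    for part in msg.iter_attachments():
        name = part.get_filename() or "(unnamed)"
        if part.get_content_type() != "text/html" and not name.lower().endswith((".htm", ".html")):
            continue
        collector = ScriptCollector()
        collector.feed(part.get_payload(decode=True).decode("utf-8", "replace"))
        if any(REDIRECT_SINK.search(s) for s in collector.scripts):
            hits.append(name)
    return hits

def sample_message(script):
    """Constructed test message; the caller supplies the inline script."""
    msg = EmailMessage()
    msg.set_content("See the attached confirmation.")
    msg.add_attachment(f"<html><script>{script}</script></html>", subtype="html", filename="fax.html")
    return msg
```

For the constructed sample, `body_urls` finds nothing to look up while `redirecting_attachments` reports the attachment. Scripts that hide the assignment behind `eval` or string building are not matched, so a stricter policy is to quarantine any HTML attachment that carries inline script.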

There were also developments in the sources of spam. The top spam source was the USA, followed by Brazil and India. Germany dropped to eighth place, while Russia returned to its place among the top five spam sources for the first time this year.

eleven data showed that the share of spam in total email traffic has dropped slightly – from 96.5 percent of all messages in August to 95 percent in September 2010.
