New Zero-Day Threats and High Spam Levels: MessageLabs Report

(WEB HOST INDUSTRY REVIEW) — IT security provider Symantec Hosted Services (www.symantec.com) reported high spam levels and new zero-day threats as part of its January 2010 MessageLabs Intelligence Report (www.messagelabs.com/intelligence.aspx).

According to the report released Friday, 83.4 percent of spam at the end of 2009 originated from botnets. Around 900 million spam emails originated from free webmail accounts, and more than 79 percent of webmail spam came from three well-known free webmail service providers.

“Despite the best efforts of the webmail providers to prevent this abuse of their services, there is still a viable market in the underground economy for buying and selling legitimate and usable webmail accounts,” Symantec Hosted Services MessageLabs Intelligence senior analyst Paul Wood said in a statement.

Last month, attacks exploiting a new zero-day vulnerability in a popular version of a .PDF viewer were found to target high-level individuals in the public sector, education, financial services and large international corporations. The attack arrives as a .PDF file containing embedded malicious JavaScript code. It also had a social engineering aspect: the attack varied according to the individual and organization being targeted, making it seem legitimate. MessageLabs Intelligence actually blocked the first versions in November 2009, protecting Symantec Hosted Services customers from the attack before it began.

In December, MessageLabs also began tracking a new botnet called Lethic that quickly grew to account for 5.25 percent of all spam by January 8 before dropping off to nothing. “Lethic seems to have disappeared almost as quickly as it arrived,” Wood said. “The spam it had been sending was roughly an even mix of pharmaceutical and replica watch spam. Interestingly, the Bagle botnet was sending the exact same spam with the same hyperlinks as Lethic and over the same time period, leading us to believe that Lethic possibly came from the same creators as Bagle or the people behind the spam may have hired the resources of more than one botnet gang to increase output.”

Toward the end of 2009, spammers launched new campaigns related to 2010 events to sustain the high levels of spam experienced. At the start of 2010, MessageLabs Intelligence saw the typical special New Year offers for pharmaceuticals, fashion accessories and watches, weight loss products, loans and jobs. More than 50 percent of New Year-related spam was sent by the Grum and Cutwail botnets.

Spammers are now moving away from the New Year themes and are expected to latch onto Valentine’s Day-related spam topics next. They have also been quick to take advantage of the tragedy that struck Haiti to generate advance-fee fraud scams.
