Malicous spam hits ‘epic’ levels

17 Aug, 2011

This month has seen a serious rise in malicious spam, according to M86 data.

The spammers have returned with a vengeance as malicious spam hit “epic” levels in August, according to security experts.

M86 Security said it saw a “huge surge” in malicious spam which has far exceeded anything it has seen in the past two years.

The chart below shows how significant the spike was.

Spam chart

The majority of the spam was put out by the notorious Cutwail botnet, with the Festi and Asprox botnets showing themselves to be significant contributors too.

Last week, 13 per cent of the overall spam volume consisted of malicious spam, marking an “unusual” jump, according to M86. On Monday, that proportion increased to 24 per cent.

“Four of the campaigns, which we identified as originating from the Cutwail botnet are mostly recycled spam themes – Fedex, credit card, changelogs and invoices,” M86 explained in a blog post.

“The malware is attached within a compressed ZIP archive and is a Trojan that downloads additional malware including Fake AV, SpyEye and the Cutwail spambot itself.”

Spammers used typical tricks, such as telling users there credit card had been blocked, promising more information in an attached file. Anyone opening the attachment would risk infecting their machines.

It seems spammers have returned from a holiday break and are enthusiastically back to work.

Other spam offered rebates on purported accidental charges from hotels, as well as messages appearing to confirm UPS deliveries.

“This is an epic amount of malicious spam. After multiple recent botnet takedowns, cyber criminal groups remain resilient, clearly looking to build their botnets and distribute more fake AV in the process,” M86 added.

“It seems spammers have returned from a holiday break and are enthusiastically back to work.”

Spam had seen a significant drop earlier this year, largely thanks to a Microsoft-led operation taking on the Rustock super spammer botnet.