Mass virus outbreaks are back

Virus attacks have increased by 20 times over the last two months, according to new research.

Email security firm Postini, the company behind the study, found that two worldwide email virus attacks that occurred over the new year and again a couple of weeks later were so big that it increased the level of viruses circulating the internet by a factor of 20 over normal activity.

It said that both attacks were designed to steal personal information from email recipients and compromise host PCs in an effort to build a bigger botnet army of zombie computers.

The latest attack, nicknamed Storm after the subject line enticed users with subject lines about the heavy winter storms in Europe, contained a trojan known as Downloader-BAI or AUTH-W32/Downloader. Postini said on 20 January, it blocked almost 17m messages carrying the trojan, nearly 20 times the average daily virus volume last year.

The previous attack, dubbed the Happy New Year worm, saw the company blocking 19.5m infected messages with numerous variants of malware, such as Tibs, Nuwar, Banwarum, and Glowa.

It said the two attacks were by far the largest to occur in the past 12 months.

"The explosion of botnets, has changed the balance of power in the world communications security," said Daniel Druker, executive vice president at Postini. "As Valentine's Day approaches, email users should continue to keep their guard up, as there are already new mutations of the Storm worm with love-related subject lines."

While viruses re-emerge in mass attacks on the internet, image-based spam is also eating up bandwidth, but scientists at the Institute of Computer Technology at the Humboldt University, Berlin have hit on a novel solution to the problem of blocking this type of spam before it hits the inbox.

The new picture spam filter was developed with web hosting firm Strato and uses a fingerprinting technique invented by Professor Tobias Scheffer of the Max Planck Institute.

The technique relies on the pictures in spam messages having a particular characteristic. Corresponding fingerprints can be generated by colour distribution, for example a certain colour percentage in a specific tone, or by the composition or structure of the individual graphics. If similar, these characteristics will reveal a common sender or identical content.

"Fingerprinting currently provides the best possible protection against picture spam," said Professor Scheffer. "No single spam picture is identical to another and the perpetrators of spam automatically create millions of variations of their spam email, which differ in some details but appear identical on screen."

He said fingerprinting allows picture spam to be identified via similar characteristics.

"Without fingerprinting, each individual picture would need to be analysed which is an impossible task," he said.

Email to a friend

Print this page

Social Bookmark this article: What is this?

Digg

Delicious

Reddit

StumbleUpon

Slashdot

Google

Facebook