Spam, Malware and Forged Sites, Still on the Rise Despite Arrests

by

According to a report released today by the Marshal Threat Research and Content Engineering (TRACE) report for the first half of 2008, cyber criminals are using ‘blended attacks’ to distribute malware and links to hacked websites via email on an unprecedented scale.

Unpatched browsers are putting more than 45 percent of Internet users at risk when they visit legitimate Websites infected with malicious code.

Three botnets are responsible for 75 percent of all spam, pumping out billions of messages every hour through zombie clients and being used to launch mass attacks on Websites.

In an alarming new development, spam sent from webmail accounts that had been automatically created using CAPTCHA-breaking technology was seen to be on the increase, rendering common anti-spam defenses such as reputation less effective.
TRACE also identified a major increase in spam used to infect computers with Trojan malware. During the same period, many of the most popular Websites were found to be hosting malicious software designed to steal data or add PCs to botnets. The TRACE team identified 1.5 million Websites infected by a botnet attack in May 2008.
In the six months ending in June 2008, the TRACE team saw spam volumes double, with the Srizbi botnet identified as the most prolific offender, capable of pushing out 7.8 billion messages an hour. As the world’s largest botnet, Srizbi controls more than 315,000 infected machines sending 50 percent of all spam, followed by Rustock and Mega-D botnets, generating 14 percent each. Marshal traced 90 percent of all spam to just seven botnets, indicating millions of Trojan-infected computers worldwide.
The report notes a reduction in the use of gimmicks such as image spam (down to one percent), with spammers reverting to social engineering to dupe recipients into opening malicious messages, using sensational subject lines relating to the economic crisis or celebrity deaths.
Commenting on this year’s findings, Bradley Anstis, vice president of Products for Marshal said, “Spammers are moving en masse to the Web and distributing malware on a scale not seen before. Criminals are not bothering to set up their own sites; they are infecting legitimate sites with malicious code.
We can no longer rely on traditional URL filtering lists because the ‘safe’ sites may no longer warrant that trust. The use of webmail accounts to send spam makes IP reputation or message header inspection less effective because the spam is generated using Gmail, Yahoo and Hotmail, so the messages will appear to come from legitimate sources. In our view, the use of botnets to launch mass Website attacks is the most concerning issue to arise so far in 2008.”
Although TRACE reports that phishing represented just 0.5 percent of all spam over the last six months, the TRACE report draws attention to the flaw in the Domain Name System (DNS) identified by security expert Dan Kaminsky in early 2008. The flaw could have been exploited by criminals to redirect Internet users to phishing Websites, even if they typed the correct URL into their browser.

Of course over the last couple of years the US government proudly announced that it had arrested spammer responsible for much of the spam.  Att he time of the arrests the US government said that everyone would now see a reduction in spam because the offenders we behind bars.

Guess not US.

Maybe at some point the Government will realize that the Internet is not based 100% in the US and therefore the US cannot simply pass laws in the US that will control the conduct of the Internet worldwide.

About Michael Berkens

Michael Berkens, Esq. is the founder and Editor-in-Chief of TheDomains.com. Michael is also the co-founder of Worldwide Media Inc. which sold around 70K domain to Godaddy.com in December 2015 and now owns around 8K domain names . Michael was also one of the 5 Judges selected for the the Verisign 30th Anniversary .Com contest.

Comments

  1. Damir says

    Great post – this is the downside of the internet – internet users need to be smart and do not open the emails in their email account they do not know from where they come from – they need to have a great firewall and antivirus software installed on their pc