Malware and Spam still appearing in abundance (Report round-up)

by Steve Ragan - Jul 18 2008, 11:18

Over the last few days there have been several Malware and Spam reports issued. The bulk of the reports offer the same news, which is: Malware and Spam are still a constant issue online and on the network. Here is a breakdown, by vendor, on the latest trends.

Sophos:

By June 2008, Sophos said that the level of Spam had risen to 96.5% of all business e-mail. Having risen from a figure of 92.3% in the first three months of the year, corporations are now facing the fact that only one in twenty-eight e-mails are legitimate.

"If your company is on the internet, it's going to be hard for it to do business unless it has an effective anti-spam defense in place," commented Graham Cluley, senior technology consultant for Sophos. "Otherwise the amount of junk mail will be swamping legitimate correspondence from your customers and suppliers."

The U.S. has once again claimed the top spot (14.9%) -- nearly doubling the output of second place Russia (7.5%). Also retaining a place on the leaders' podium of shame was Turkey, with a marked increase in Spam since the same period last year -- rising from ninth place and 3% in the second quarter of 2007, to third place and 7% this year.

Sophos has discovered that spammers are increasingly using networking Web sites such as Facebook and LinkedIn to send their unwanted links to online stores and bogus lottery and financial scams.

"Spammers are finding themselves increasingly obstructed by corporate anti-spam defenses at the email gateway. In a nutshell -- we're stopping the bad guys getting their marketing message in front of their intended audience," added Cluley. "To get around this, we are seeing spammers exploiting networks like Facebook to plant spam messages on other peoples' profiles -- these don't just get read by the owner of the profile, but anyone else visiting his or her page."

Sophos said that the level of Facebook, Bebo and LinkedIn Spam is still dwarfed by e-mail Spam, but there is a growing trend for spammers to use other techniques to spread their messages.

ScanSafe:

ScanSafe found that massive compromises of legitimate Web sites exploded in June, accounting for 66% of all Malware it blocked, and contributing to a 278% increase in Web-based Malware for the first half of the year.

SQL injection attacks have rapidly become the most common form of Web site compromise, outpacing all other types of compromise by 212%. In June, SQL injection attacks accounted for 76% percent of all compromised sites. Most of the compromises attempt to install password stealers and backdoor Trojans. This category of Malware increased from 4% of Malware in January to 27% in June, ScanSafe said.

BitDefender:

According to data recently released by BitDefender, June's top three threats were Trojans, two of which were adware components, and the third being part of a fake anti-virus program.

In first place is 'Trojan.Clicker.CM', a popup-ad-serving Trojan being distributed via infected Web sites. Next on the list is 'Trojan.Downloader.WMA.Wimad.N', a simple downloader that points browsers at 'Adware.PlayMp3z.A'. Then there is 'Trojan.FakeAlert.PP', which placed third and is found in Web pages that attempt to convince users to install 'XP antivirus', which is not an anti-virus at all, but rather a fake anti-virus, which claims to have found viruses and demands money to remove them.

"We were taken a bit by surprise when we compiled the data, since the top comprises the exact same Trojans in the exact same order as last month’s menaces -- a rather unusual occurrence,” said Sorin Dudea, Head of BitDefender AV Research. “However, they are less of a threat this month -- the percentages are all lower, which means each of them has been less successful than it was last month."

MessageLabs:

MessageLabs' Intelligence data has been released on year-to-date Spam rates for individual U.S. states.

MessageLabs scans three billion e-mail connections per day, and in June 2008 the global ratio of Spam in e-mail traffic from new and previously unknown bad sources was 81.5%. The lowest percentage of Spam going to a single state was 78.5%. The average Spam level for the entire U.S. reached 86% in June.

“The varying spam levels across states can be attributed to different socioeconomic factors and levels of security awareness in each state,” said Matt Sergeant, Senior Anti-Spam Technologist at MessageLabs. “The states that are experiencing higher spam levels may not place as high a priority on IT security overall or employees and businesses may be more willing to share their personal contact information in public domains. When email addresses are openly available, spammers take advantage of it and inundate those inboxes with massive amounts of spam.”

The ten most spammed states in order are:

1. Illinois
2. South Dakota
3. Oregon
4. New Hampshire
5. Wisconsin
6. North Carolina
7. Indiana
8. Texas
9. Pennsylvania
10. Alabama

 

Around the Web