The Tech Herald

The unknown explosion of malicious email attachments

by Steve Ragan - Sep 19 2011, 09:00

Commtouch, the original equipment manufacturer (OEM) for many security vendors dealing with anti-Spam and anti-Malware protections, discovered a massive jump in malicious email attachments last month. Beyond concerns regarding extra volume, the problem is no one seems to know why there was a sudden spike.

Since August, someone unknown - perhaps a group - has been targeting millions of systems worldwide with email containing malicious attachments. However, this isn’t the typical type of Spam; this is direct malware distribution on a mass scale, resulting in abnormally high levels of malicious messages.

The pattern has been seen before: Fake messages with malicious attachments alleged to contain details on UPS and FedEx deliveries, credit card charge errors, and so on. Since the fall of the Rustock botnet, Spam levels across the globe have fallen, but, despite that, the volume of malicious email attachments has skyrocketed.

In August, Commtouch’s monitoring points noticed an average of a few hundred million to two billion malicious messages per day. On August 8, that number exploded to 25 billion Malware-laced emails.

“A review of several end-user forums reveals that the email campaigns have been successful – with many users having opened the malware attachments. The infection rate is generally linear – the more malware is emailed, the greater the final number of infections. Once opened, the malware contacts external servers and downloads several other malware files, which are then run on the infected machine. The purpose of these files is unclear,” Commtouch said.

“In the past, large malware outbreaks have resulted in the expansion of botnets, which have then been used to send large volumes of spam. Malware distribution therefore aimed to increase spam distribution, but this does not seem to be the case now,” it added.

Considering the effort involved in designing the email templates and themes, as well as developing the Malware variants, where is the payoff for the person(s) behind the massive influx of malicious messages? No one knows, but Commtouch is at least willing to speculate.

It could be that the Malware aims to expand the number of bots on the Web used to push Spam, or DDoS. Yet, at the same time, there have been no reported jumps in Spam volume. Likewise, there have been no reports of a massive DDoS attack online. Moreover, authentication theft (for messenger, email, or social networking accounts), and financial fraud are other possibilities, but nothing has been reported outside of the norm for those types of crime either.

That leaves the unknown, or something worse: someone is perhaps preparing for a massive attack somewhere. At this stage, the best bet is for consumers to avoid opening unexpected email attachments, and to keep security software, as well as third-party and operating system software, tightly patched. Commtouch has said it will continue to track movements, providing more report coverage and related information along the way.

In the meantime, what are your thoughts on the malicious email explosion? Tell us in the comments below.
