The Tech Herald

The unknown explosion of malicious email attachments

by Steve Ragan - Sep 19 2011, 09:00

Commtouch, the original equipment manufacturer (OEM) for many security vendors dealing with anti-Spam and anti-Malware protections, discovered a massive jump in malicious email attachments last month. Beyond concerns regarding extra volume, the problem is no one seems to know why there was a sudden spike.

Since August, someone unknown - perhaps a group - has been targeting millions of systems worldwide with email containing malicious attachments. However, this isn’t the typical type of Spam; it is direct malware distribution on a mass scale, resulting in abnormally high levels of malicious messages.

The pattern has been seen before: Fake messages with malicious attachments alleged to contain details on UPS and FedEx deliveries, credit card charge errors, and so on. Since the fall of the Rustock botnet, Spam levels across the globe have fallen, but, despite that, the volume of malicious email attachments has skyrocketed.

In August, Commtouch’s monitoring points noticed an average of a few hundred million to two billion malicious messages per day. On August 8, that number exploded to 25 billion Malware-laced emails.
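The two signals the article describes, delivery-notice and card-charge lures carrying executable attachments, and a daily volume that jumps from the low billions to 25 billion, are both things a mail gateway can score mechanically. The block below is an added example, not code from The Tech Herald or Commtouch; the message records and the daily counts are constructed to mirror the article's description, and the lure keywords, extension lists and the 10x spike threshold are assumptions chosen for illustration.

```python
"""Triage of inbound-mail metadata for attachment-borne malware campaigns.

Added example; not code from The Tech Herald or Commtouch. The records and
daily volumes below are constructed to resemble the campaign the article
describes (parcel/card-charge lures, executable attachments, a volume spike).
"""
import re
import statistics
from collections import Counter
from dataclasses import dataclass
from typing import Optional

# Lure themes named in the article: parcel deliveries and credit-card charge errors.
# (Assumed keyword lists, not Commtouch's detection rules.)
LURE_PATTERNS = [
    re.compile(r"\b(ups|fedex|dhl)\b.*\b(delivery|package|parcel|shipment)\b", re.I),
    re.compile(r"\b(credit card|card charge|charge error|transaction)\b", re.I),
]
EXEC_EXT = {".exe", ".scr", ".com", ".pif", ".bat", ".cmd", ".js", ".vbs"}
ARCHIVE_EXT = {".zip", ".rar", ".7z"}
# A document-looking name that ends in a second, different extension.
DOUBLE_EXT = re.compile(r"\.(pdf|doc|docx|xls|txt)\.[a-z]{2,4}$", re.I)


@dataclass
class Message:
    day: str            # ISO date of receipt
    sender: str
    subject: str
    attachment: Optional[str]  # attachment file name, or None


def attachment_risk(name: Optional[str]) -> int:
    """2 for an executable or double-extension name, 1 for an archive
    (contents unknown without inspection), 0 for anything else."""
    if name is None:
        return 0
    lower = name.lower()
    ext = lower[lower.rfind("."):] if "." in lower else ""
    if ext in EXEC_EXT or DOUBLE_EXT.search(lower):
        return 2
    if ext in ARCHIVE_EXT:
        return 1
    return 0


def lure_score(subject: str) -> int:
    """Number of lure themes the subject line matches."""
    return sum(1 for p in LURE_PATTERNS if p.search(subject))


def classify(msg: Message) -> str:
    """'suspect' when an executable arrives at all, or when an archive is
    paired with a lure theme; a lure without any attachment stays 'benign'."""
    risk = attachment_risk(msg.attachment)
    if risk > 0 and risk + lure_score(msg.subject) >= 2:
        return "suspect"
    return "benign"


def triage(messages):
    """Return the subset of messages classified as suspect."""
    return [m for m in messages if classify(m) == "suspect"]


def suspect_per_day(messages) -> Counter:
    """Daily count of suspect messages, the series a spike detector consumes."""
    return Counter(m.day for m in triage(messages))


def spike_days(daily_counts, factor=10.0, min_history=3):
    """Labels of days whose count is at least `factor` times the median of all
    earlier days. The median, not the mean, is the baseline so one earlier
    spike does not mask the next. `daily_counts` is a list of (label, count)."""
    flagged, history = [], []
    for label, count in daily_counts:
        if len(history) >= min_history and count >= factor * statistics.median(history):
            flagged.append(label)
        history.append(count)
    return flagged


# Constructed sample messages (sender domains are reserved example names).
SAMPLE = [
    Message("2011-08-08", "ups-notify@example.test", "UPS Delivery Notification", "UPS_label.zip"),
    Message("2011-08-08", "billing@example.test", "Credit Card Charge Error", "statement.pdf.exe"),
    Message("2011-08-08", "colleague@example.test", "Lunch tomorrow?", None),
    Message("2011-08-07", "hr@example.test", "Q3 report", "report.pdf"),
    Message("2011-08-07", "news@example.test", "FedEx delivery delays this week", None),
]

# Constructed daily totals in the range the article cites (hundreds of
# millions to two billion per day, then 25 billion on August 8).
DAILY_VOLUME = [
    ("2011-08-03", 800_000_000), ("2011-08-04", 1_200_000_000),
    ("2011-08-05", 2_000_000_000), ("2011-08-06", 900_000_000),
    ("2011-08-07", 1_500_000_000), ("2011-08-08", 25_000_000_000),
]

if __name__ == "__main__":
    for m in SAMPLE:
        print(f"{classify(m):8} {m.day} {m.subject!r} attachment={m.attachment!r}")
    print("suspect per day:", dict(suspect_per_day(SAMPLE)))
    print("spike days:", spike_days(DAILY_VOLUME))
```

The classification deliberately treats a lure subject with no attachment as benign: the article's campaign depends on the attachment being opened, and subject text alone is a weak signal that would swamp a queue with newsletters. The spike detector works on whatever daily series the gateway already produces; feeding it the output of `suspect_per_day` over a real mailbox is the natural next step.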

“A review of several end-user forums reveals that the email campaigns have been successful – with many users having opened the malware attachments. The infection rate is generally linear – the more malware is emailed, the greater the final number of infections. Once opened the malware contacts external servers and downloads several other malware files, which are then run on the infected machine. The purpose of these files is unclear,” Commtouch said.

“In the past large malware outbreaks have resulted in the expansion of botnets which have then been used to send large volumes of spam. Malware distribution therefore aimed to increase spam distribution, but this does not seem to be the case now,” it added.

Considering the effort involved in designing the email templates and themes, as well as developing the Malware variants, where is the payoff for the person(s) behind the massive influx of malicious messages? No one knows, but Commtouch is at least willing to speculate.

It could be that the Malware aims to expand the number of bots on the Web used to push Spam, or DDoS. Yet, at the same time, there have been no reported jumps in Spam volume. Likewise, there have been no reports of a massive DDoS attack online. Moreover, authentication theft (for messenger, email, or social networking accounts) and financial fraud are other possibilities, but nothing has been reported outside of the norm for those types of crime either.

That leaves the unknown, or something worse: namely, that someone is perhaps preparing for a massive attack somewhere. At this stage, the best bet is for consumers to avoid random email attachments, and keep security software, as well as third-party and operating system software, tightly patched. Commtouch has said it will continue to track movements, providing more report coverage and connected information along the way.

In the meantime, what are your thoughts on the malicious email explosion? Tell us in the comments below.
