« Podcast: Systems Under Siege - Steps a CSO Should Take Today: A Talk With Mike Rothman | Main | Security: Good News and Bad News »

As almost every industry now seems to be doing mash-ups of different technology, you can now include spammers and cybercriminals in that group. A recent report by MessageLabs stated that recent email messages touting stocks have also come to include links to malicious code. The reasoning is, even if the stock mention fails to entice the recipient, maybe they'll still click on the link, thereby infecting their computer with malware.

In the past 10 days, MessageLabs has uncovered only 3,500 such messages, which has them wondering if the spammers are just at the testing stage of this new scam. Said Mark Sunner, chief technology officer for the company, "These activities are now much more under the radar because they are sending the messages out in discrete chunks. If you spam out (the malicious link), you have a lot of control over the resultant bot net -- you can control the size, (and) what time zone it is being sending to."

What is also interesting about the Storm Worm, also known as Zhelain and Peacomm, is that it does not spread on its own, but only by someone clicking on the link. This is another change in strategy, as by sending out worms and viruses in the form of spam, criminals can grow their bot nets at a more controllable pace (while, most importantly, remaining undetected). This is also an attempt to stymie the virus detectors by denying them the latest variations of the worm which they need to detect it elsewhere.

Posted by pschooff in Hackers |Digg This|Add to del.icio.us

Trackback Pings

TrackBack URL for this entry:
http://www.ebizq.net/mt/mt-tb.cgi/1741