Home  › Email › Email Marketing

The Deadly Duo: Spam and Viruses, April 2007

  |  May 22, 2007   |  Comments

Threats shift from e-mail to Web-borne infection, while the rate of attacks may be falling.

Sophos identified a worm known as SB/Badbunny-A, which attacks Windows, MacOS, and Linux users by dropping a bad OpenOffice Draw file on the desk. When executed, the worm propagates through different means on each operating system.

The file itself contains a JPEG of a rabbit performing an "indecent" act. Additional findings from Sophos show a shift from e-mail to the Web to spread malware. Over 245,790 Web pages hosting malicious code were identified in April, an average of 8,193 infected pages per day.

Top 10 Malware Threats, April 2007
Position Malware Percentage
1 Mal/Iframe 44.7
2 JS/EncIFra 19.7
3 Troj/Fujif 10.0
4 Troj/Psyme 8.7
5 Troj/Decdec 5.3
6 Troj/Ifradv 4.0
7 Mal/Packer 1.0
8 Mal/FunDF 0.7
9 Mal/ObfJS 0.5
10 Mal/Behav 0.4

Others 5.0
Source: Sophos Plc., 2007

Top 10 E-mail-Based Malware Threats, April 2007
Position Malware Percentage of Reports
1 W32/Netsky 24.7
2 W32/Dref 24.0
3 W32/Mytob 15.6
4 W32/Stratio 12.3
5 W32/Zafi 5.2
6 W32/Sality 3.7
7 W32/MyDoom 3.6
8 W32/Bagle 3.0
9 W32/Nyxem 1.6
10 Troj/Small 0.9

Others 5.4
Source: Sophos Plc., 2007

Top 10 Hoaxes and Chain Letters, April 2007
Position Hoax Percentage of Reports
1 Hotmail hoax 17.3
2 Olympic torch 9.6
3 MSN is closing down 4.3
4 A virtual card for you 3.5
5 Bonsai kitten 2.9
6 Meninas da Playboy 2.6
7 Budweiser frogs screensaver 2.6
8 Justice for Jamie 2.5
9 Bill Gates fortune 1.8
10 Music Top 50 1.6

Others 51.3
Source: Sophos Plc., 2007

Top 10 Countries Hosting Malware-Infected Web Sites, April 2007
Position Country Percentage
1 China (incl. Hong Kong) 56.4
2 U.S. 28.3
3 Russia 5.4
4 Germany 3.4
5 France 1.2
6 Canada 0.7
7 South Korea 0.6
7 Ukraine 0.5
9 Netherlands 0.4
10 U. K. 0.4

Others 2.7
Source: Sophos Plc., 2007

E-mail remains an effective vehicle for spammers and for many criminal rings, though the rate of incidents is falling. MessageLabs identified 180 attacks in April, down from 249 in March. Spam rates reached 76.1 percent, a 0.9 percent increase over March's 75.2 percent, but lower than the peak of 94.5 percent observed in July of 2004.

Viruses were found in one in every 145.5 e-mails received in April; and phishing tactics were used in one in every 416.1 e-mails. Microsoft Word was used in 95 percent of targeted attacks, though a Taiwanese criminal gang known as "Task Briefing" used infected PowerPoint files to propagate botnets. MessageLabs said the majority of attacks consisted of an e-mail sent to one individual to evade signature-based malware detection. Additionally, attacks primarily targeted the public sector, but were deployed over the weekends for much the same reason.

Postini calculates spam and viruses to comprise over 93 percent of e-mails, up 135 percent from September 2006 rates, and a 36 percent increase over January 2007. Web-borne security threats from spyware and adware are also on the rise; the spread of online threats increased by 34.4 percent over the previous month.

A mix of young and old viruses take the top 20 spots reported by Kaspersky. Some of the newer viruses remain out of high circulation due to deployment of new tactics.

"Virus writers are now spamming multiple variants of their latest creation within a very short space of time," according to a Kaskpersky report. "Many of these variants make it to the Top Twenty, but sometimes the sheer number of variants prevents them from gaining a high position."

Top 20 Viruses, April 2007
Position Name Percentage
1 Trojan-Proxy.Win32.Dlena.cb 3.23
2 Packed.Win32.PolyCrypt.b 2.87
3 Trojan-Spy.Win32.ProAgent.21 1.88
4 Email-Worm.Win32.Brontok.q 1.52
5 not-a-virus:AdWare.Win32.Virtumonde.if 1.43
6 Trojan.Win32.Agent.qt 1.26
7 Trojan-Downloader.Win32.INService.bl 1.17
8 Virus.VBS.Small.a 1.17
9 Trojan-Clicker.Win32.Small.kj 1.08
10 Trojan-Downloader.Win32.Small.dge 1.08
11 Packed.Win32.Tibs.r 1.08
12 IM-Worm.Win32.Sohanad.t 0.99
13 Trojan-Downloader.Win32.Small.edb 0.99
14 Email-Worm.Win32.Rays. 0.90
15 not-a-virus:Monitor.Win32.Perflogger.163 0.90
16 not-a-virus:Porn-Dialer.Win32.GBDialer.i 0.81
17 Trojan-Downloader.Win32.Small.ddx 0.81
18 Email-Worm.Win32.Zhelatin.ch 0.72
19 Trojan-PSW.Win32.OnLineGames.bs 0.63
20 Trojan.Win32.Obfuscated.ev 0.63

Other malicious programs 74.85
Source: Kaspersky Lab, 2007

ClickZ Live Toronto Twitter Canada MD Kirstine Stewart to Keynote Toronto
ClickZ Live Toronto (May 14-16) is a new event addressing the rapidly changing landscape that digital marketers face. The agenda focuses on customer engagement and attaining maximum ROI through online marketing efforts across paid, owned & earned media. Register now and save!

ABOUT THE AUTHOR

Enid Burns

COMMENTSCommenting policy

comments powered by Disqus

Get ClickZ Email newsletters delivered right to your inbox. Subscribe today!

COMMENTS

UPCOMING EVENTS

Featured White Papers

ion Interactive Marketing Apps for Landing Pages White Paper

Marketing Apps for Landing Pages White Paper
Marketing apps can elevate a formulaic landing page into a highly interactive user experience. Learn how to turn your static content into exciting marketing apps.

eMarketer: Redefining Mobile-Only Users: Millions Selectively Avoid the Desktop

Redefining 'Mobile-Only' Users: Millions Selectively Avoid the Desktop
A new breed of selective mobile-only consumers has emerged. What are the demos of these users and how and where can marketers reach them?

Jobs

    • Contact Center Professional
      Contact Center Professional (TCC: The Contact Center) - Hunt ValleyLooking to join a workforce that prides themselves on being routine and keeping...
    • Recruitment and Team Building Ambassador
      Recruitment and Team Building Ambassador (Agora Inc.) - BaltimoreAgora, www.agora-inc.com, continues to expand! In order to meet the needs of our...
    • Design and Publishing Specialist
      Design and Publishing Specialist (Bonner and Partners) - BaltimoreIf you’re a hungry self-starter, creative, organized and have an extreme...