Home  › Email › Email Marketing

The Deadly Duo: Spam and Viruses, April 2007

  |  May 22, 2007   |  Comments

Threats shift from e-mail to Web-borne infection, while the rate of attacks may be falling.

Sophos identified a worm known as SB/Badbunny-A, which attacks Windows, MacOS, and Linux users by dropping a bad OpenOffice Draw file on the desk. When executed, the worm propagates through different means on each operating system.

The file itself contains a JPEG of a rabbit performing an "indecent" act. Additional findings from Sophos show a shift from e-mail to the Web to spread malware. Over 245,790 Web pages hosting malicious code were identified in April, an average of 8,193 infected pages per day.

Top 10 Malware Threats, April 2007
Position Malware Percentage
1 Mal/Iframe 44.7
2 JS/EncIFra 19.7
3 Troj/Fujif 10.0
4 Troj/Psyme 8.7
5 Troj/Decdec 5.3
6 Troj/Ifradv 4.0
7 Mal/Packer 1.0
8 Mal/FunDF 0.7
9 Mal/ObfJS 0.5
10 Mal/Behav 0.4

Others 5.0
Source: Sophos Plc., 2007

Top 10 E-mail-Based Malware Threats, April 2007
Position Malware Percentage of Reports
1 W32/Netsky 24.7
2 W32/Dref 24.0
3 W32/Mytob 15.6
4 W32/Stratio 12.3
5 W32/Zafi 5.2
6 W32/Sality 3.7
7 W32/MyDoom 3.6
8 W32/Bagle 3.0
9 W32/Nyxem 1.6
10 Troj/Small 0.9

Others 5.4
Source: Sophos Plc., 2007

Top 10 Hoaxes and Chain Letters, April 2007
Position Hoax Percentage of Reports
1 Hotmail hoax 17.3
2 Olympic torch 9.6
3 MSN is closing down 4.3
4 A virtual card for you 3.5
5 Bonsai kitten 2.9
6 Meninas da Playboy 2.6
7 Budweiser frogs screensaver 2.6
8 Justice for Jamie 2.5
9 Bill Gates fortune 1.8
10 Music Top 50 1.6

Others 51.3
Source: Sophos Plc., 2007

Top 10 Countries Hosting Malware-Infected Web Sites, April 2007
Position Country Percentage
1 China (incl. Hong Kong) 56.4
2 U.S. 28.3
3 Russia 5.4
4 Germany 3.4
5 France 1.2
6 Canada 0.7
7 South Korea 0.6
7 Ukraine 0.5
9 Netherlands 0.4
10 U. K. 0.4

Others 2.7
Source: Sophos Plc., 2007

E-mail remains an effective vehicle for spammers and for many criminal rings, though the rate of incidents is falling. MessageLabs identified 180 attacks in April, down from 249 in March. Spam rates reached 76.1 percent, a 0.9 percent increase over March's 75.2 percent, but lower than the peak of 94.5 percent observed in July of 2004.

Viruses were found in one in every 145.5 e-mails received in April; and phishing tactics were used in one in every 416.1 e-mails. Microsoft Word was used in 95 percent of targeted attacks, though a Taiwanese criminal gang known as "Task Briefing" used infected PowerPoint files to propagate botnets. MessageLabs said the majority of attacks consisted of an e-mail sent to one individual to evade signature-based malware detection. Additionally, attacks primarily targeted the public sector, but were deployed over the weekends for much the same reason.

Postini calculates spam and viruses to comprise over 93 percent of e-mails, up 135 percent from September 2006 rates, and a 36 percent increase over January 2007. Web-borne security threats from spyware and adware are also on the rise; the spread of online threats increased by 34.4 percent over the previous month.

A mix of young and old viruses take the top 20 spots reported by Kaspersky. Some of the newer viruses remain out of high circulation due to deployment of new tactics.

"Virus writers are now spamming multiple variants of their latest creation within a very short space of time," according to a Kaskpersky report. "Many of these variants make it to the Top Twenty, but sometimes the sheer number of variants prevents them from gaining a high position."

Top 20 Viruses, April 2007
Position Name Percentage
1 Trojan-Proxy.Win32.Dlena.cb 3.23
2 Packed.Win32.PolyCrypt.b 2.87
3 Trojan-Spy.Win32.ProAgent.21 1.88
4 Email-Worm.Win32.Brontok.q 1.52
5 not-a-virus:AdWare.Win32.Virtumonde.if 1.43
6 Trojan.Win32.Agent.qt 1.26
7 Trojan-Downloader.Win32.INService.bl 1.17
8 Virus.VBS.Small.a 1.17
9 Trojan-Clicker.Win32.Small.kj 1.08
10 Trojan-Downloader.Win32.Small.dge 1.08
11 Packed.Win32.Tibs.r 1.08
12 IM-Worm.Win32.Sohanad.t 0.99
13 Trojan-Downloader.Win32.Small.edb 0.99
14 Email-Worm.Win32.Rays. 0.90
15 not-a-virus:Monitor.Win32.Perflogger.163 0.90
16 not-a-virus:Porn-Dialer.Win32.GBDialer.i 0.81
17 Trojan-Downloader.Win32.Small.ddx 0.81
18 Email-Worm.Win32.Zhelatin.ch 0.72
19 Trojan-PSW.Win32.OnLineGames.bs 0.63
20 Trojan.Win32.Obfuscated.ev 0.63

Other malicious programs 74.85
Source: Kaspersky Lab, 2007

ClickZ Live Chicago Join the Industry's Leading eCommerce & Direct Marketing Experts in Chicago
ClickZ Live Chicago (Nov 3-6) will deliver over 50 sessions across 4 days and 10 individual tracks, including Data-Driven Marketing, Social, Mobile, Display, Search and Email. Check out the full agenda and register by Friday, Oct 3 to take advantage of Early Bird Rates!

ABOUT THE AUTHOR

Enid Burns

COMMENTSCommenting policy

comments powered by Disqus

Get ClickZ Email newsletters delivered right to your inbox. Subscribe today!

COMMENTS

UPCOMING EVENTS

Featured White Papers

IBM: Social Analytics - The Science Behind Social Media Marketing

IBM Social Analytics: The Science Behind Social Media Marketing
80% of internet users say they prefer to connect with brands via Facebook. 65% of social media users say they use it to learn more about brands, products and services. Learn about how to find more about customers' attitudes, preferences and buying habits from what they say on social media channels.

An Introduction to Marketing Attribution: Selecting the Right Model for Search, Display & Social Advertising

An Introduction to Marketing Attribution: Selecting the Right Model for Search, Display & Social Advertising
If you're considering implementing a marketing attribution model to measure and optimize your programs, this paper is a great introduction. It also includes real-life tips from marketers who have successfully implemented attribution in their organizations.

WEBINARS

Jobs

    • Web Writer
      Web Writer (Money Map Press) - BaltimoreDo you have a passion for the markets and investing, and writing? Do you want to spend your days providing...
    • Web Production Specialist
      Web Production Specialist (Money Map Press) - BaltimoreMoney Map Press is looking for a self-starter to perform and oversee the production of daily...
    • Internet Marketing Campaign Manager
      Internet Marketing Campaign Manager (Straight North, LLC) - Downers GroveWe are looking for a talented Internet Marketing Campaign Manager...