Home  › Email › Email Marketing

The Deadly Duo: Spam and Viruses, April 2007

  |  May 22, 2007   |  Comments

Threats shift from e-mail to Web-borne infection, while the rate of attacks may be falling.

Sophos identified a worm known as SB/Badbunny-A, which attacks Windows, MacOS, and Linux users by dropping a bad OpenOffice Draw file on the desk. When executed, the worm propagates through different means on each operating system.

The file itself contains a JPEG of a rabbit performing an "indecent" act. Additional findings from Sophos show a shift from e-mail to the Web to spread malware. Over 245,790 Web pages hosting malicious code were identified in April, an average of 8,193 infected pages per day.

Top 10 Malware Threats, April 2007
Position Malware Percentage
1 Mal/Iframe 44.7
2 JS/EncIFra 19.7
3 Troj/Fujif 10.0
4 Troj/Psyme 8.7
5 Troj/Decdec 5.3
6 Troj/Ifradv 4.0
7 Mal/Packer 1.0
8 Mal/FunDF 0.7
9 Mal/ObfJS 0.5
10 Mal/Behav 0.4

Others 5.0
Source: Sophos Plc., 2007

Top 10 E-mail-Based Malware Threats, April 2007
Position Malware Percentage of Reports
1 W32/Netsky 24.7
2 W32/Dref 24.0
3 W32/Mytob 15.6
4 W32/Stratio 12.3
5 W32/Zafi 5.2
6 W32/Sality 3.7
7 W32/MyDoom 3.6
8 W32/Bagle 3.0
9 W32/Nyxem 1.6
10 Troj/Small 0.9

Others 5.4
Source: Sophos Plc., 2007

Top 10 Hoaxes and Chain Letters, April 2007
Position Hoax Percentage of Reports
1 Hotmail hoax 17.3
2 Olympic torch 9.6
3 MSN is closing down 4.3
4 A virtual card for you 3.5
5 Bonsai kitten 2.9
6 Meninas da Playboy 2.6
7 Budweiser frogs screensaver 2.6
8 Justice for Jamie 2.5
9 Bill Gates fortune 1.8
10 Music Top 50 1.6

Others 51.3
Source: Sophos Plc., 2007

Top 10 Countries Hosting Malware-Infected Web Sites, April 2007
Position Country Percentage
1 China (incl. Hong Kong) 56.4
2 U.S. 28.3
3 Russia 5.4
4 Germany 3.4
5 France 1.2
6 Canada 0.7
7 South Korea 0.6
7 Ukraine 0.5
9 Netherlands 0.4
10 U. K. 0.4

Others 2.7
Source: Sophos Plc., 2007

E-mail remains an effective vehicle for spammers and for many criminal rings, though the rate of incidents is falling. MessageLabs identified 180 attacks in April, down from 249 in March. Spam rates reached 76.1 percent, a 0.9 percent increase over March's 75.2 percent, but lower than the peak of 94.5 percent observed in July of 2004.

Viruses were found in one in every 145.5 e-mails received in April; and phishing tactics were used in one in every 416.1 e-mails. Microsoft Word was used in 95 percent of targeted attacks, though a Taiwanese criminal gang known as "Task Briefing" used infected PowerPoint files to propagate botnets. MessageLabs said the majority of attacks consisted of an e-mail sent to one individual to evade signature-based malware detection. Additionally, attacks primarily targeted the public sector, but were deployed over the weekends for much the same reason.

Postini calculates spam and viruses to comprise over 93 percent of e-mails, up 135 percent from September 2006 rates, and a 36 percent increase over January 2007. Web-borne security threats from spyware and adware are also on the rise; the spread of online threats increased by 34.4 percent over the previous month.

A mix of young and old viruses take the top 20 spots reported by Kaspersky. Some of the newer viruses remain out of high circulation due to deployment of new tactics.

"Virus writers are now spamming multiple variants of their latest creation within a very short space of time," according to a Kaskpersky report. "Many of these variants make it to the Top Twenty, but sometimes the sheer number of variants prevents them from gaining a high position."

Top 20 Viruses, April 2007
Position Name Percentage
1 Trojan-Proxy.Win32.Dlena.cb 3.23
2 Packed.Win32.PolyCrypt.b 2.87
3 Trojan-Spy.Win32.ProAgent.21 1.88
4 Email-Worm.Win32.Brontok.q 1.52
5 not-a-virus:AdWare.Win32.Virtumonde.if 1.43
6 Trojan.Win32.Agent.qt 1.26
7 Trojan-Downloader.Win32.INService.bl 1.17
8 Virus.VBS.Small.a 1.17
9 Trojan-Clicker.Win32.Small.kj 1.08
10 Trojan-Downloader.Win32.Small.dge 1.08
11 Packed.Win32.Tibs.r 1.08
12 IM-Worm.Win32.Sohanad.t 0.99
13 Trojan-Downloader.Win32.Small.edb 0.99
14 Email-Worm.Win32.Rays. 0.90
15 not-a-virus:Monitor.Win32.Perflogger.163 0.90
16 not-a-virus:Porn-Dialer.Win32.GBDialer.i 0.81
17 Trojan-Downloader.Win32.Small.ddx 0.81
18 Email-Worm.Win32.Zhelatin.ch 0.72
19 Trojan-PSW.Win32.OnLineGames.bs 0.63
20 Trojan.Win32.Obfuscated.ev 0.63

Other malicious programs 74.85
Source: Kaspersky Lab, 2007

ClickZ Live New York What's New for 2015?
You spoke, we listened! ClickZ Live New York (Mar 30-Apr 1) is back with a brand new streamlined agenda. Don't miss the latest digital marketing tips, tricks and tools that will make you re-think your strategy and revolutionize your marketing campaigns. Super Saver Rates are available now. Register today!

ABOUT THE AUTHOR

Enid Burns

COMMENTSCommenting policy

comments powered by Disqus

Get ClickZ Email newsletters delivered right to your inbox. Subscribe today!

COMMENTS

UPCOMING EVENTS

UPCOMING TRAINING

Featured White Papers

Google My Business Listings Demystified

Google My Business Listings Demystified
To help brands control how they appear online, Google has developed a new offering: Google My Business Locations. This whitepaper helps marketers understand how to use this powerful new tool.

5 Ways to Personalize Beyond the Subject Line

5 Ways to Personalize Beyond the Subject Line
82 percent of shoppers say they would buy more items from a brand if the emails they sent were more personalized. This white paper offer five tactics that will personalize your email beyond the subject line and drive real business growth.

WEBINARS

Resources

Jobs

    • Customer Service Consultant
      Customer Service Consultant (Bonner and Partners) - Delray BeachBonner & Partners: Full-time Customer Service Consultant Position Who we are...
    • Financial Editor
      Financial Editor (Confidential) - DurhamSIX FIGURE EDITORS WANTED: To enforce lofty NEW editing standards. Easy Conditions Unlikely. Promotion and...
    • Information Processing Specialist
      Information Processing Specialist (Agora Inc. ) - BaltimoreInformation Processing Specialist – The IP specialist position ensures the successful...