Increased use of spam spreads malware

IT Reseller Magazine

Article Search: Go To: Keyword

HOME Channel News Channel Talk Events Video Library

The Magazine Subscribe Editor 2010 Media Kit Digital Edition Advertise Feed Back Contact Us

Technologies Data Capture Bar Code RFID Biometrics ID Cards Mobile Computing Print & Label Retail Technology Document Mgmt. Networking Internet security Data Storage Power/UPS Audio/Visual Videos

Verticals POS/hospitality Logistics Field service Education Manufacturing Healthcare Office Automation Gov./Finance

Online Tools RSS Feeds Newsletters Advertise Digital Edition Contact Us Personal Dev. Video Library Jobs

Links Retail Technology Your Tech TV Logistics IT Logistics Handling Your Logistics TV

Internet Security
Internet control, email and network protection

Increased use of spam spreads malware
July 28, 2008

PandaLabs has detected an increase in the use of spam combined with social engineering to spread malware. Several examples have appeared over the last few days.

The most recent case detected involves emails warning of an alleged malware alert (with subjects such as: Worm alert! or spyware alert!), but whose real aim is to spread the Nurech.Z worm. To make the messages more credible, typically trusted sources such as Customer Support are used as the name of the sender.

Another recent case uses photographs of Britney Spears as bait. The email has subjects including “Britney spears naked pussy & paris Hilton” or “Hot pictures of Britiney Speers”. On opening the email, users will find several erotic photos of the singer. However, when they click on the photo they will actually be downloading the malicious code onto the computer. This worm exploits a vulnerability in Microsoft ANI files in order to spread. This code then downloads other examples of malware onto computers.

The third example is similar to the previous one, although it emerged a few days later. The only difference is the protagonist. In this case it uses photos of the pornstar Jenna Jameson as a lure to trick users into clicking on the link hidden in the pictures. The result is the same. The malicious code exploits vulnerabilities in ANI files to infect the computer and download more malware.

“Emails have also been received with subjects like “Hot pictures of paris hilton nude” or other similar titles. The aim is the same: to entice users into clicking on a link and falling into the trap. This is known as social engineering”, explains Luis Corrons, technical director of PandaLabs.

Another example has been used to spread the Grum.A worm. This malware spreads in emails offering a beta of Internet Explorer 7. As in the previous cases, the message contains a photograph, which in this case supposedly gave access to the beta version of IE 7.

“Why use spam to spread malware? On the one hand, junk mail reaches people on a massive scale and therefore improves the chances of success. On the other, in this way cyber-crooks get the users themselves to download the infected file, so avoiding malicious attachments being detected and eliminated by antivirus solutions.”, explains Luis Corrons.

All users that want to know whether their computers have been attacked by these or other malicious code can use TotalScan, the free online solution available from PandaLabs.

They can also use the NanoScan beta, an online scanner that detects active malware on computers in less than 1 minute.

Other Internet Security News

Security White Papers

Verizon Business and Motorola join forces to help safeguard retailers’ wireless networks from hackers
Retailers are increasingly using in-store local area wireless networks for a variety of key functions, including staying in close touch with sales personnel who are serving customers. But all too often, these networks are vulnerable to a variety of security threats such as attacks by hackers and the use of unauthorised devices.

BullGuard to hold 2010 Full Disclosure Briefing for resellers
BullGuard Internet Security 9.0 unveiled to the channel

A third of workers will steal data to help a friend find a job, says study
The recession is creating camaraderie among workforces, at the expense of their employers, is the finding of a transatlantic survey.

Industrialisation of Hacking Will Dominate The Next Decade
Imperva delineates five key security trends UK Organisations will face during the next ten years

Managed Service Providers believe most RMM systems end up being 'shelfware'
GFI Software has announced the findings from industry research on Remote Monitoring & Management (RMM) software for Managed Service Providers (MSPs), Value Added Resellers (VARs) and IT support organizations.

Mobile laptop usage soaring - but what about company data security?
The apparently amusing tale of how New York coffee shops - apparently fed up with laptop users hogging their table space and using up electricity for hours on end - has a much darker message, says Sean Glynn, Director at Credant Technologies.

More >>

Understanding the value of outsourcing network security services
This white paper will examine the many new challenges that are facing today’s network owners, the pros and cons of using in-house resources and outsourcing for your network assessment and day-to-day monitoring, as well as guidelines to help select and maximize the value of outside resources.

GFI warns one anti-virus engine is not enough to protect your business
Although 99% of large British companies use anti-virus products, 43% were still infected by viruses (UK ISBS Survey 2006)

CONTENT FILTERING SOLUTIONS TECHNOLOGY REPORT APRIL 2006
Source: West Coast Labs/Netintelligence

The Trend of Threats Today: 2005 Annual Roundup and 2006 Forecast
Trend Micro
The report that follows is not only an account and analysis of 2005 threat
incidents. It also serves as a forecast of what the future holds in 2006 and
onwards. Through Trend Micro‘s extensive research and analysis of the 2005
incidents, this paper documents how threats evolved into the multi-purpose
threat regime – thus providing corporate and home users information on what
to do to ensure they remain protected against future threats. Download free white paper.

If you can't beat it, manage it
David Caughtry of Computerlinks looks at the challenges facing IT managers with the growing use of Instant Messaging in the workplace.

Are you becoming a one-stop security shop?
David Ellis, director of e-security at Unipalm discusses best practice security management and the evolution of protection technology.

More >>

Look out for worms in your spam!
Increased use of spam combined with social engineering to spread malware
Popular tennis websites struck in latest malware attack, Sophos warns
Tennis fans at risk as hackers infect websites during Wimbledon tournament
More malicious attacks on the threat horizon, warns ISF
The Information Security Forum is warning of an increase in malicious threats including attacks from organised crime and industrial espionage, along with a rise in mobile malware and Web 2.0 vulnerabilities
New Facebook profile design marred by security slip-up
Privacy breach exposed users' hidden dates of birth
Confick worm exploits Microsoft MS08-067 vulnerability
Back in October warnings were given about a critical security vulnerability found in some versions of Microsoft Windows

© Copyright 2006, IBC - Interactive Business Communications Help \| Contact Us \| Privacy \| RSS Feeds \| Site Map \| Advertise YourTechTV.com Only Technology Videos