Malware goes back to the future in May

Powered by SC Magazine
 

New versions of old threats come back to haunt users.

Security reports from May seem to have to transported us back a few years, with an old fashioned dialler and new versions of Netsky, Bagle, Sober and Puce topping the list of malware offenders.

Antivirus company Kaspersky said that new versions of old worms made a comeback last month, including Sober.aa jumping to fourth place.

The previous version of this worm, Sober.z, dates back to the middle of November 2005.

Although Sober.aa is described as "primitive", it has been able to surpass worms with far more advanced functionality. Kaspersky predicts that it may well climb higher in the ratings in the months to come.

Topping security firm Fortinet's threat list in May is a dialler designed to call premium long distance numbers. However, like all modern bots, it may also download, execute and upgrade components.

W32/Dialer.PZ!tr was primarily reported throughout Mexico and the US, dialling into locations in Europe and Africa.

A new P2P worm called Puce.G, which spreads itself and infects files through file-sharing software, was first place on the BitDefender chart with 10.31 per cent of total reports. The worm last topped the malware charts in October 2006.

"With the virtual disappearance of mass-mailers form the top infectors, the trend towards consolidation seems to have reduced somewhat," said Viorel Canja, head of BitDefender Labs.

Meanwhile, data from MessageLabs shows an increase in sudden spam surges, or 'spikes', which target individual domains in an aggressive spam attack, similar to the recent assault on Tiscali.

In one spam spike that lasted only 11 hours, more than 10,000 messages were attempted, accounting for more than 75 per cent of the total messages received by the domain during the entire period.

"This month the bad guys continued with their aggressive attacks by developing new tactics to fly under the radar and cause the most damage," said Mark Sunner, chief security analyst at MessageLabs.

"With the increase in spam spikes and new techniques with image spam, it is crucial for businesses to take a multi-layered security approach among email, web and IM to protect employees and systems from malicious attacks."

While malware creators are resurrecting old worms, it appears that spammers continue to innovate and employ new methods to elude traditional anti-spam solutions.

Rather than embedding images in the body of an email message, spammers are now hosting images on sites that do not require registration and include links to those sites or an HTML image in the email message.

Copyright ©v3.co.uk


Malware goes back to the future in May
 
 
 
Top Stories
Matching databases to Linux distros
Reviewed: OS-repository DBMSs, MariaDB vs MySQL.
 
Coalition's NBN cost-benefit study finds in favour of MTM
FTTP costs too much, would take too long.
 
Who'd have picked a BlackBerry for the Internet of Things?
[Blog] BlackBerry has a more secure future in the physical world.
 
 
Sign up to receive iTnews email bulletins
   FOLLOW US...
Latest Comments
Polls
Which is the most prevalent cyber attack method your organisation faces?




   |   View results
Phishing and social engineering
  71%
 
Advanced persistent threats
  3%
 
Unpatched or unsupported software vulnerabilities
  11%
 
Denial of service attacks
  6%
 
Insider threats
  10%
TOTAL VOTES: 756

Vote