A new type of spam campaign is circulating around the globe - loaded with links to malicious files and the intension of building botnets - warns security vendor Marshal.
The campaign labelled ‘piggyback’ spam” is embedded with URL links that are completely unrelated to the spam being advertised and instead opens up a file rather than a website, according to Bradley Anstis, director of product management at Marshal.
“The link is not integral to the main message instead the links are inserted in odd places and essentially hitch a ride or “piggyback’ on otherwise normal spam messages,” said Anstis.
If users click on a link they are prompted to download a file, which, if executed, will lead to further malware such as key logging programs or spambots being installed onto their PCs. Anstis advised users that they should not save or download the file at any means.
Furthermore, Anstis said the spam was discovered about two weeks ago is targeted towards the US market place but is spreading around the world and increasing.
Researchers at Marshal’s security TRACE team said the piggyback spam may be an attempt by botnet syndicates to increase the size of their spam botnets and spread malware.
“They are trying to kill two birds with one stone hoping some users will click on the link and start a chain of events that ends up with the users PC being part of their botnet,” said Anstis.
According to Marshal, Botnets now perform multiple sophisticated tasks, including sending spam, performing distributed denial of service attacks (DDOS), detecting and disabling anti-virus software and detecting and removing rival spambots from competing botnet syndicates.
Beware of new "piggyback spam" campaign
By Negar Salek on Jul 2, 2007 1:54PM