Spam now arriving with virus attached
New spam attacks leave email recipients infected with Storm worm variant.
Spam emails are flooding inboxes not only trying to sell users questionable pharmaceutical products but are also carrying viruses.
Research from email managed service provider MessageLabs has uncovered convergence between spam and viruses through intercepted cyber-criminal activity. The company said that it had intercepted emails that are spam and contain a virus.
The first such emails began trickling in on 14 April, according to the company and these emails mark the latest phase in activity from the Storm worm.
The latest variant of the worm, not only contained pump-and-dump spam but also links to new malware being hosted on websites under the control of the attackers. Purporting to be a screensaver, the malware then drops the Zhelatin MeSpam engine onto the compromised computer. Until now, new versions of Zhelatin have been distributed via botnets to create larger botnets for the purposes of spamming.
Experts said the latest attacks mean that spam should no longer be considered a nuisance but something more deadlier.
"Why use two emails when just one will do?" said Mark Sunner, chief security analyst at MessageLabs. "Now we are seeing the bad guys layer on the threats - as if it's not enough to just scam someone and fill their inbox with junk email, why not also infect and take control of their computer at the same time? These latest techniques are part of a new boldness being shown by certain criminal gangs we are tracking."
A report from the company also found that in April, the global ratio of spam in email traffic from new and unknown bad sources was 76.1 per cent (1 in 13.1), an increase of 0.9 per cent on the previous month. The ratio of viruses in email traffic from new and previously unknown bad sources destined for valid recipients was 1 in 145.5 (0.69 per cent), a decrease of 0.003 per cent since March.
Get the ITPro. daily newsletter
Receive our latest news, industry updates, featured resources and more. Sign up today to receive our FREE report on AI cyber crime & security - newly updated for 2024.
Rene Millman is a freelance writer and broadcaster who covers cybersecurity, AI, IoT, and the cloud. He also works as a contributing analyst at GigaOm and has previously worked as an analyst for Gartner covering the infrastructure market. He has made numerous television appearances to give his views and expertise on technology trends and companies that affect and shape our lives. You can follow Rene Millman on Twitter.