Email malware levels skyrocket

August 18th, 2011 by Avi Turiel | Category: Antivirus | 2 Comments »

Earlier this week we described a huge malware outbreak with increases of over 500%.  The graph we presented showed a tapering off after the peak of the attack.  The similar attacks in March and April also showed this trend – with a large initial outbreak followed by gradually decreasing spikes as the month went on.  However, for the current attack, it seems the main outbreak was still looming when we wrote the previous post.

Following the peak on the 12th of August, levels did start decreasing before soaring to nearly 25 billion malware emails between Monday and Tuesday.

One trend from March that is repeating itself is the change from UPS to DHL-themed emails.

Email text:

GOOD AFTERNOON!

DEAR CUSTOMER , RECIPIENT’S ADDRESS=IS WRONG

PLEASE PRINT OUT THE INVOICE COPY ATTACHED AND=COLLECT THE PACKAGE AT OUR DEPARTMENT

Best wishes , DHL=TEAM

Commtouch’s Command Antivirus detects the attachments as ZIP/Bredolab.A!Camelot. The malware starts its activity by downloading additional files from a randomly named .ru site, followed by two GET requests to separate .org sites.
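The network behaviour described above can be hunted for in web proxy logs. The following is an added example, not code from Commtouch or the original post: it flags clients that contact a random-looking .ru host and then issue GET requests to two distinct .org hosts. The log format, host names, time window and entropy threshold are all assumptions constructed for illustration.

```python
import math
from collections import Counter
from urllib.parse import urlsplit

WINDOW = 120       # seconds; assumed correlation window, not from the post
MIN_ENTROPY = 3.0  # bits/char; assumed cut-off for a "random-looking" name

# Constructed proxy log lines: epoch seconds, client IP, method, URL
SAMPLE_LOG = """\
1313652010 10.0.0.7 GET http://xkqzvbtrwpl.ru/load.php
1313652015 10.0.0.7 GET http://alpha-example.org/a.gif
1313652021 10.0.0.7 GET http://beta-example.org/b.gif
1313652030 10.0.0.9 GET http://moscow.ru/news
1313652040 10.0.0.9 GET http://alpha-example.org/a.gif
1313652050 10.0.0.9 GET http://beta-example.org/b.gif
"""

def entropy(s):
    """Shannon entropy of a string in bits per character."""
    counts = Counter(s)
    return -sum(n / len(s) * math.log2(n / len(s)) for n in counts.values())

def looks_random(host):
    """Heuristic: the label left of the TLD is long and high-entropy."""
    label = host.split(".")[-2] if "." in host else ""
    return len(label) >= 8 and entropy(label) >= MIN_ENTROPY

def parse(log):
    # Yield (timestamp, client, method, lower-cased host); skip malformed lines
    for line in log.splitlines():
        parts = line.split()
        if len(parts) == 4:
            ts, client, method, url = parts
            yield int(ts), client, method, (urlsplit(url).hostname or "").lower()

def find_suspects(log):
    """Return {client: (ru_host, [org_host, org_host])} for matching clients."""
    pending, hits = {}, {}
    for ts, client, method, host in sorted(parse(log)):
        if host.endswith(".ru") and looks_random(host):
            pending[client] = (ts, host, [])          # start of the sequence
        elif client in pending and method == "GET" and host.endswith(".org"):
            start, ru_host, orgs = pending[client]
            if ts - start <= WINDOW and host not in orgs:
                orgs.append(host)
                if len(orgs) == 2:                    # two separate .org sites
                    hits[client] = (ru_host, orgs)
                    del pending[client]
    return hits
```

The entropy heuristic will miss short or dictionary-like names and can flag legitimate hosts, so matches are leads for triage rather than verdicts.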

  • http://blog.commtouch.com/cafe/malware/incorrect-hotel-charges-%e2%80%93-install-malware-for-refund/ Incorrect hotel charges – install malware for refund | Commtouch Café

    [...] the UPS and “map of love” outbreaks of the last few weeks, today saw further large amounts of [...]

  • http://blog.commtouch.com/cafe/email-security-news/step-1-infect-millions-of-computers/ Step 1 – infect millions of computers. Step 2 – ? | Commtouch Café

    [...] UPS/FedEx – certainly not a new tactic, but clearly still effective.  Recipients receive a notification of a package that is due to arrive or has been held up with more details promised in “the attached notice” [...]
