FedEx used for continued email malware – Zombies up 70%

April 28th, 2011 by Avi Turiel | Category: Antivirus, malware

It’s been almost one month since we reported on the huge increase in email-borne malware attachments. The outbreaks have continued on an almost daily basis since then, and we have noted a corresponding dramatic increase of over 70% in the number of zombies.

The traffic graph below shows the continued outbreaks (orange line).  As noted previously the levels shown below have not been seen for well over one year.  The outbreaks often reach levels of 20-40% of all email traffic.

Initially the attachments were “UPS package notifications”. Then the subjects changed focus to “DHL package notifications”. The zip attachment, however, remained “UPS.exe”, leading us to conclude that DHL were transporting UPS malware.

And now (the most logical step, we suppose...) the subjects have changed to FedEx package notifications. The attached “document.zip” file still extracts to “UPS.exe”. The body text is actually an image served from a variety of fast-changing domains. The body of the email also includes random text with a 1-point font size and white color. In this example the text reads “fwa dp ud gn vbg we ayf zv ole” (yes – that’s quite random…)

dear customer the parcel was sent your home address and it will arrive within 7 business day.  more information and the tracking number are attached in the document below.  thank you
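
The traits described above (a zip attachment that unpacks to an executable, a body that is a remotely hosted image, and hidden 1-point or white filler text) can be checked mechanically at a mail gateway. The following is an added example, not Commtouch's detection code; the function names, the extension list, the regular expressions and the `images.example.invalid` host are assumptions, and the sample message is constructed from the description in the post.

```python
import io, re, zipfile
from email import message_from_bytes, policy
from email.message import EmailMessage

EXEC_EXT = (".exe", ".scr", ".pif", ".com")  # assumed list of executable extensions
# Inline style that hides filler words: a ~1-point font or white text.
HIDDEN_STYLE = re.compile(r"font-size:\s*[01]p[tx]|(?<![\w-])color:\s*(?:white|#fff(?:fff)?)\b", re.I)
REMOTE_IMG = re.compile(r"<img[^>]+src=[\"']?https?://", re.I)

def zip_executables(data):
    """Names of executable members inside a zip attachment (empty if unreadable)."""
    try:
        with zipfile.ZipFile(io.BytesIO(data)) as zf:
            return [n for n in zf.namelist() if n.lower().endswith(EXEC_EXT)]
    except zipfile.BadZipFile:
        return []

def scan(raw_bytes):
    """Return the traits from the post that this raw message exhibits."""
    msg = message_from_bytes(raw_bytes, policy=policy.default)
    findings = []
    for part in msg.walk():
        name = (part.get_filename() or "").lower()
        if name.endswith(".zip"):
            for member in zip_executables(part.get_payload(decode=True)):
                findings.append(f"zip {name} contains executable {member}")
        elif part.get_content_type() == "text/html":
            html = part.get_content()
            if REMOTE_IMG.search(html):
                findings.append("body is a remotely hosted image")
            if HIDDEN_STYLE.search(html):
                findings.append("hidden text (1-point or white font)")
    return findings

def build_sample():
    """Constructed message modelled on the post; the 'exe' is placeholder bytes."""
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as zf:
        zf.writestr("UPS.exe", b"placeholder bytes, not a real binary")
    msg = EmailMessage()
    msg["Subject"] = "FedEx package notification"
    msg.set_content("see html part")
    msg.add_alternative('<img src="http://images.example.invalid/n.png">'
        '<span style="font-size:1pt;color:white">fwa dp ud gn vbg we ayf zv ole</span>', subtype="html")
    msg.add_attachment(buf.getvalue(), maintype="application", subtype="zip",
                       filename="document.zip")
    return msg.as_bytes()

if __name__ == "__main__":
    print(scan(build_sample()))
```

Any one trait alone is a weak signal (legitimate newsletters use remote images and white text); the combination with an executable inside a zip is what matches the outbreak described here.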
