Welcome!

News Feed Item

Spam in February: Become Part of a Major Botnet

ABINGDON, England, March 24, 2014 /PRNewswire/ --

Kaspersky Lab today reveals its Spam analysis for February 2014. It found that many malicious attachments in February's spam came in emails allegedly sent by women who wanted to make new friends in the run-up to Valentine's Day. Some attackers went even further by trying to hook recipients with the promise of explicit photos in archives attached to messages. There were also more conventional malicious mass mailings imitating fake notifications from popular social networking sites, including Facebook.

February's love-themed malicious spam was dominated by Trojans, as the cybercriminals' mass mailings targeted credulous users with a Trojan-Dropper. The Trojan installs two malicious programs on the system - one is spyware that steals all document files (*. Docx, *. Xlsx, *. Pdf) from the computer and sends them to a specific mailbox; another is IRC-bot/worm called ShitStorm which can carry out DDoS attacks on websites and spread copies of itself via MSN and P2P services. If recipients respond to this sort of email, their computer can easily become part of a botnet. In addition to Trojan spyware, this month's malicious spam included ransomware - a type of malware that blocks the user's computer and then demands money to unblock it. The explicit photos also turned out to be malicious programs and among them was the Andromeda backdoor that allows cybercriminals to secretly control a compromised computer.

Yet another malicious program imitated fake notifications from major social networking sites. Messages allegedly sent on behalf of Facebook informed recipients that a lot had happened on friends' news feeds since they last visited the site and they were prompted to open the attached archive to find out more. The archive contained the backdoor from the aforementioned Andromeda family.

Meanwhile, 'Nigerian' scammers could not pass up the opportunity to exploit the situation in Ukraine and the tragic events that followed in order to cheat users out of their money. They cited some familiar stories about unfortunate tourists in Kiev who had all their money stolen, followed by a request for financial assistance.

The  share  of  spam  in  email  traffic

  • The proportion of spam in email traffic in February increased by 4.2 percentage points compared to the previous month and averaged 69.9 per cent - 1.2 percentage points less than in February 2013.

Sources  of  spam

  • China (23 per cent) returned to the top of the rating, followed by the USA (19.1 per cent) and South Korea (12.8 per cent). The UK accounted for less than 1 per cent (0.69 per cent) of spam.

Phishing

  • Top 3 types of organisations targeted most frequently by phishers were: social networking sites (27.3 per cent), email services (19.34 per cent) and e-pay organisations (16.73 per cent). Kaspersky Lab specialists also came across fraudulent notifications in February that claimed to be from the Malaysian Hong Leong bank.

"Phishing emails that use the names of major financial and e-payment organisations from different countries are being actively spread by scammers to steal personal financial information. A successful attack usually gives the phishers full access to the victim's personal account on the banks' website," says Tatyana Shcherbakova, Senior Spam Analyst at Kaspersky Lab.

The full report is available at securelist.com.

About  Kaspersky  Lab

Kaspersky Lab is the world's largest privately held vendor of endpoint protection solutions. The company is ranked among the world's top four vendors of security solutions for endpoint users*. Throughout its more than 16-year history Kaspersky Lab has remained an innovator in IT security and provides effective digital security solutions for large enterprises, SMBs and consumers. Kaspersky Lab, with its holding company registered in the United Kingdom, currently operates in almost 200 countries and territories across the globe, providing protection for over 300 million users worldwide. Learn more at http://www.kaspersky.co.uk.

* The company was rated fourth in the IDC rating Worldwide Endpoint Security Revenue by Vendor, 2012. The rating was published in the IDC report "Worldwide Endpoint Security 2013-2017 Forecast and 2012 Vendor Shares (IDC #242618, August 2013). The report ranked software vendors according to earnings from sales of endpoint security solutions in 2012.

Contact: Alice Collins - +44-(0)118-909-0909

SOURCE Kaspersky Lab

More Stories By PR Newswire

Copyright © 2007 PR Newswire. All rights reserved. Republication or redistribution of PRNewswire content is expressly prohibited without the prior written consent of PRNewswire. PRNewswire shall not be liable for any errors or delays in the content, or for any actions taken in reliance thereon.

Latest Stories
SYS-CON Events announced today that Enzu will exhibit at SYS-CON's 21st Int\ernational Cloud Expo®, which will take place October 31-November 2, 2017, at the Santa Clara Convention Center in Santa Clara, CA. Enzu’s mission is to be the leading provider of enterprise cloud solutions worldwide. Enzu enables online businesses to use its IT infrastructure to their competitive advantage. By offering a suite of proven hosting and management services, Enzu wants companies to focus on the core of their ...
You know you need the cloud, but you’re hesitant to simply dump everything at Amazon since you know that not all workloads are suitable for cloud. You know that you want the kind of ease of use and scalability that you get with public cloud, but your applications are architected in a way that makes the public cloud a non-starter. You’re looking at private cloud solutions based on hyperconverged infrastructure, but you’re concerned with the limits inherent in those technologies.
"Tintri focuses on the Ops side of the DevOps, which basically is pushing more and more of the accessibility of the infrastructure to the developers and trying to get behind the scenes," explained Dhiraj Sehgal of Tintri in this SYS-CON.tv interview at 20th Cloud Expo, held June 6-8, 2017, at the Javits Center in New York City, NY.
Both SaaS vendors and SaaS buyers are going “all-in” to hyperscale IaaS platforms such as AWS, which is disrupting the SaaS value proposition. Why should the enterprise SaaS consumer pay for the SaaS service if their data is resident in adjacent AWS S3 buckets? If both SaaS sellers and buyers are using the same cloud tools, automation and pay-per-transaction model offered by IaaS platforms, then why not host the “shrink-wrapped” software in the customers’ cloud? Further, serverless computing, cl...
You know you need the cloud, but you’re hesitant to simply dump everything at Amazon since you know that not all workloads are suitable for cloud. You know that you want the kind of ease of use and scalability that you get with public cloud, but your applications are architected in a way that makes the public cloud a non-starter. You’re looking at private cloud solutions based on hyperconverged infrastructure, but you’re concerned with the limits inherent in those technologies.
Automation is enabling enterprises to design, deploy, and manage more complex, hybrid cloud environments. Yet the people who manage these environments must be trained in and understanding these environments better than ever before. A new era of analytics and cognitive computing is adding intelligence, but also more complexity, to these cloud environments. How smart is your cloud? How smart should it be? In this power panel at 20th Cloud Expo, moderated by Conference Chair Roger Strukhoff, paneli...
In his session at @ThingsExpo, Eric Lachapelle, CEO of the Professional Evaluation and Certification Board (PECB), provided an overview of various initiatives to certify the security of connected devices and future trends in ensuring public trust of IoT. Eric Lachapelle is the Chief Executive Officer of the Professional Evaluation and Certification Board (PECB), an international certification body. His role is to help companies and individuals to achieve professional, accredited and worldwide re...
Today we can collect lots and lots of performance data. We build beautiful dashboards and even have fancy query languages to access and transform the data. Still performance data is a secret language only a couple of people understand. The more business becomes digital the more stakeholders are interested in this data including how it relates to business. Some of these people have never used a monitoring tool before. They have a question on their mind like “How is my application doing” but no id...
IoT solutions exploit operational data generated by Internet-connected smart “things” for the purpose of gaining operational insight and producing “better outcomes” (for example, create new business models, eliminate unscheduled maintenance, etc.). The explosive proliferation of IoT solutions will result in an exponential growth in the volume of IoT data, precipitating significant Information Governance issues: who owns the IoT data, what are the rights/duties of IoT solutions adopters towards t...
It is ironic, but perhaps not unexpected, that many organizations who want the benefits of using an Agile approach to deliver software use a waterfall approach to adopting Agile practices: they form plans, they set milestones, and they measure progress by how many teams they have engaged. Old habits die hard, but like most waterfall software projects, most waterfall-style Agile adoption efforts fail to produce the results desired. The problem is that to get the results they want, they have to ch...
With the introduction of IoT and Smart Living in every aspect of our lives, one question has become relevant: What are the security implications? To answer this, first we have to look and explore the security models of the technologies that IoT is founded upon. In his session at @ThingsExpo, Nevi Kaja, a Research Engineer at Ford Motor Company, discussed some of the security challenges of the IoT infrastructure and related how these aspects impact Smart Living. The material was delivered interac...
The current age of digital transformation means that IT organizations must adapt their toolset to cover all digital experiences, beyond just the end users’. Today’s businesses can no longer focus solely on the digital interactions they manage with employees or customers; they must now contend with non-traditional factors. Whether it's the power of brand to make or break a company, the need to monitor across all locations 24/7, or the ability to proactively resolve issues, companies must adapt to...
Wooed by the promise of faster innovation, lower TCO, and greater agility, businesses of every shape and size have embraced the cloud at every layer of the IT stack – from apps to file sharing to infrastructure. The typical organization currently uses more than a dozen sanctioned cloud apps and will shift more than half of all workloads to the cloud by 2018. Such cloud investments have delivered measurable benefits. But they’ve also resulted in some unintended side-effects: complexity and risk. ...
With major technology companies and startups seriously embracing Cloud strategies, now is the perfect time to attend 21st Cloud Expo October 31 - November 2, 2017, at the Santa Clara Convention Center, CA, and June 12-14, 2018, at the Javits Center in New York City, NY, and learn what is going on, contribute to the discussions, and ensure that your enterprise is on the right path to Digital Transformation.
In 2014, Amazon announced a new form of compute called Lambda. We didn't know it at the time, but this represented a fundamental shift in what we expect from cloud computing. Now, all of the major cloud computing vendors want to take part in this disruptive technology. In his session at 20th Cloud Expo, Doug Vanderweide, an instructor at Linux Academy, discussed why major players like AWS, Microsoft Azure, IBM Bluemix, and Google Cloud Platform are all trying to sidestep VMs and containers wit...