E-mail Marware Down. V-Day Spam Up…. Symantec

This month’s Symantec Intelligence Report has a few interesting things.

First they find that the email malware rate has dropped significantly since December, where only one in 400 emails containing a virus in January. This is the lowest virus rate they’ve seen since 2009. It could indicate that email virus distributors took a break after the holiday season, or that they have continued to migrate away from email as a choice for malicious payload delivery.

Second, Valentine’s Day spam is in full swing. Such spam generally arrives as an ecard during this time of year, preying upon a potential victim’s curiosity about a potential secret admirer—a situation where a legitimate email would likely arrive unsolicited in the first place. Unfortunately many such emails around this time of year do not lead to unexpected romance, but rather fake bargains, phishing attempts, or malicious code.More details on these scams can be found here [Warning: PDF].

Finally, Symantec and Microsoft partnered to take down a notorious botnet: Bamital. The primary purpose of this botnet has been to generate ad revenue by hijacking search engine results, redirecting them to a C&C server hosting ads of the attacker’s choosing. Symantec has been tracking this botnet since 2009, and has successfully shut down the all known components of used to operate the botnet. Security Response has released a whitepaper, providing a detailed overview of the botnet, which is available for download here [Warning: PDF].

The Symantec Intelligence Report [Warning: PDF] is now online for your viewing pleasure.


Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

%d bloggers like this: