Security Experts:

Connect with us

Hi, what are you looking for?

SecurityWeekSecurityWeek

Cybercrime

Malware-laden Email Rises in 1H 2012, Says AppRiver

Email messaging and Web security solutions firm AppRiver, its mid-year Threat and Spamscape report, noted a significant uptick in malware-laden messages during the first half of this year.

The report, which focuses on spam and malware trends, showed strong continued appearances of popular malware including Zeus, SpyEye, and the Blackhole toolkit, and a rise in mobile malware—echoing other recent vendor reports.

Email messaging and Web security solutions firm AppRiver, its mid-year Threat and Spamscape report, noted a significant uptick in malware-laden messages during the first half of this year.

The report, which focuses on spam and malware trends, showed strong continued appearances of popular malware including Zeus, SpyEye, and the Blackhole toolkit, and a rise in mobile malware—echoing other recent vendor reports.

“We have noticed an increase in both the volume and the quality of emails with malicious URLs,” said Fred Touchette, senior security analyst at AppRiver. “Not only are there more of them, they are also using more sophisticated graphics that look very similar to the graphics of their legitimate counterparts. This makes it much easier to trick people into revealing their personal information such as bank account numbers.”

The company, which protects over 45,000 customers totaling more than 8 million mailboxes, highlighted several trends that it saw during the first six months of 2012, including:

Surge in Smartphone Spam: With smartphone use on the rise, spammers are using text messaging to trick smartphones users into clicking on malicious links or responding to them. Similar to the nefarious practice called, “Pay Per Install,” text spammers try to lure users into installing software and then make money off each installation and/or steal personal information.

Traditional Email Spam – AppRiver said spam levels were on the decline during the first 5 months of the year but in June, started to pick back up and be the first month over month rise in spam of 2012.

Zeus Continues its Reign: Campaigns purporting to be banking security updates continue to target email users. Just recently, Zeus donned a new avatar to dupe unsuspecting recipients. This new version of the Trojan conveyed a “Credit Notification” from Wells Fargo informing recipients that their accounts had been credited $11,000.00. To convince users of its legitimacy, the authors attached details of the transaction in a file suitably named “transaction&details.zip.” Once executed, the attachment embedded itself on the victim’s machine and stole bank credentials.

Blackhole Toolkit Gaining Traction: In addition to Zeus, the Blackhole crime toolkit quickly made its way among the heavy hitters during the first half of 2012. Sold on the underground forums for cheap, the Blackhole toolkit is readily available and can be leveraged to create a foothold by installing the Zeus Trojan on many machines.

Cyber Espionage: In the wake of Stuxnet and Duqu worm discoveries, another very complex piece of code was recently discovered that targeted the Middle East and North Africa. The virus, dubbed “Flame,” marked a new era in cyber warfare demonstrating how unique, hard-to-detect cyberweapons can be successfully deployed against nation states.

“So far in 2012 we’ve already witnessed a great amount of activity targeting many facets of all of our everyday lives,” the company noted in a blog post. “We’ve seen some minor wins for the good guys in the face of some major adversity from the bad guys. We’ve also witnessed the uncovering of a few apparent government sponsored cyberattacks that have really made people sit up and notice.”

AppRiver’s Threat and Spamscape report for the first half of 2012 is available here in PDF format. 

Written By

For more than 10 years, Mike Lennon has been closely monitoring the threat landscape and analyzing trends in the National Security and enterprise cybersecurity space. In his role at SecurityWeek, he oversees the editorial direction of the publication and is the Director of several leading security industry conferences around the world.

Click to comment

Expert Insights

Related Content

Cybercrime

Zendesk is informing customers about a data breach that started with an SMS phishing campaign targeting the company’s employees.

Cybercrime

The release of OpenAI’s ChatGPT in late 2022 has demonstrated the potential of AI for both good and bad.

Malware & Threats

Microsoft plans to improve the protection of Office users by blocking XLL add-ins from the internet.

Cyberwarfare

Websites of German airports, administration bodies and banks were hit by DDoS attacks attributed to Russian hacker group Killnet

Cybercrime

A new study by McAfee and the Center for Strategic and International Studies (CSIS) named a staggering figure as the true annual cost of...

Cybercrime

Video games developer Riot Games says source code was stolen from its development environment in a ransomware attack

Cybercrime

The FBI dismantled the network of the prolific Hive ransomware gang and seized infrastructure in Los Angeles that was used for the operation.

Cybercrime

Artificial intelligence is competing in another endeavor once limited to humans — creating propaganda and disinformation.