The Srizbi botnet is using a new spam tactic to trick users into clicking a link to malicious software, according to Marshal’s TRACE Team.
Srizbi’s subject line inserts the receiver’s name into the phrase, “we caught you naked, [your name]! Check the video.”
Concerned that the email actually contains embarrassing video footage, an unsuspecting user may click on the link, said Bradley Anstis, vice president of products at Marshal.
Using the techniques of threatening naked photos and using a person’s name rather than a generic greeting or email address is new, he added.
“You’ll be told to click on the link that says ‘watch it,’ and it will ask you to update your media player,” Anstis told SCMagazineUS.com on Monday. “But it isn’t updating your media player at all. It’s installing the malware.”
Anstis said Marshal TRACE has been tracking this botnet for the past two to three months, and during the last two weeks, Srizbi is responsible for 45 percent of all spam sent. It is believed that the Srizbi botnet includes 315,000 active bots.
Of course, that could change next week.
“Spammers shop around to find the most successful networks,” Anstis said. “It’s important not to get complacent. Other botnets are just as dangerous.”
That Srizbi is sending out so much spam isn’t surprising, said Peter Firstbrook, a Gartner analyst.
“Botnets are responsible for 90 percent or more of all spam,” he told SCMagazineUS.com on Monday. “The only way to slow the rate of spam growth is to [improve] the overall security of endpoints on the network or get the ISPs [internet service providers] to block infected endpoints until they can be cleaned.”