Application security, Patch/Configuration Management, Vulnerability Management

Origin of mystery ‘self-spamming’ emails revealed


The mystery spam containing only numbers that began hitting inboxes this week has been identified as the payload of a new trojan, Symantec said in an advisory today.

W32.Beagle.FC is a trojan that pilfers email addresses from compromised computers and sends messages to the addresses, the anti-malware giant said. It rated the virus’s threat containment as "easy" and the ability to remove it as "moderate."

Security experts believe hackers sent the spam emails – which appear as though the recipient sent them – as a test to determine the legitimacy of their email lists, possibly serving as the precursor to a malware or junk mail attack. In fact, for some users of Google’s Gmail service, the messages showed up in their outboxes.

Only numbers appear in the subject line and letter body – often three- and four-digit combinations – but the messages are not believed to be malicious, according to a report on the SANS Internet Storm Center website. They contain no attachments or links.

As a fix, Symantec recommended users or network administrators to configure PCs to run only necessary functions, maintain fully patched systems, enforce a password policy, configure email servers to block messages with attachments commonly used to send viruses and train employees not to open emails from unknown sources.

Get daily email updates

SC Media's daily must-read of the most current and pressing daily news

By clicking the Subscribe button below, you agree to SC Media Terms and Conditions and Privacy Policy.