
Payload spam volume rockets to new heights

After leveling off during the past two years, the amount of spam laden with virus payloads has spiked, according to a new report.

Each day during the past three months, email security provider Google Postini blocked more than 100 million messages to which a virus was attached, according to a post on the search giant's Enterprise Blog.

“There is a heightened level of payload-virus attacks,” Adam Swidler, senior product marketing manager for Google's Postini group, told Friday. “The last time we saw volumes this high was in 2007, when there was an outbreak of the Storm [Worm] attack.”

The majority (55 percent) of the viruses were attached to messages such as fake notices of underreported income from the IRS, and another 33 percent were fake package tracking attachments, according to Postini.

The company also found that message sizes were increasing, driven by the resurgence of image spam and larger payload viruses. By one metric -- spam bytes processed per user -- average size has grown by 123 percent since the third quarter of 2008, meaning it has more than doubled.

“At the heart of what's driving this spike in volume is the fact that hackers are trying to reseed their botnets in the wake of some of the recent ISP takedowns [McColo, 3FN],” Swidler said. “At the volumes they put these things out, it just takes a tiny percentage of users to get fooled. The botmasters are adding hundreds, if not thousands of machines to their botnets every day.”
