MessageLabs disappointed the eternally hopeful amongst us by announcing that spam levels are back at highs not seen in over a year. Spam mail accounted for 76.8% of all email in May 2008.
Given the level of ingenuity and lateral thinking employed by spammers, one might expect them to be district attorneys or secretary-general of the United Nations rather than criminals.
Mark Sunner of MessageLabs, referring to the likes of Google Docs and SkyDrive, says:
“The savvy, intelligent and accurate cybercriminals of today seem to have abandoned the attachments tactic that was so innovative in late 2007 and are now focused on exploiting free hosted applications which have become mainstream in 2008.
“The spammers are taking advantage of the fact that these services are free, provide ample bandwidth and are rarely blacklisted; this is one more addition to the growing list of ways the spammers have succeeded in outsmarting traditional detection devices.”
The report is home to a plethora of numbers and stats including the news that the Srizbi botnet (see below) accounted for 40% of all spam last month.
They also identify Central Bank of Missouri and HSBC as targets of new phishing scams and report that the daily number of new websites harbouring malware, spyware and adware is increasing.
Spam sucks, doesn’t it?
The big botnet in the sky
If you’re wondering if I spelt “bonnet” wrong above, the answer is “no”. A botnet is a collection of software robots that run a network of remotely controlled computers responsible for distributing horrible things that break your computer, like Trojan horses and worms.
The Kraken and Storm botnets have been the focus of attention for a while but now there’s a new kid on the block – Srizbi.
Security company Marshal estimates that Srizbi accounts for over 60 billion spam emails a day and dwarfs anything seen before. Bradley Anstis says:
“Srizbi is the single greatest spam threat we have ever seen. At its peak, the highly publicized Storm botnet only accounted for 20% of spam. Srizbi now produces more spam than all the other botnets combined.”
What puzzles analysts is that botnets usually like to stay under the radar and not be too successful, as success increases the chances of detection. It has been suggested that Srizbi has thrived more than its creators expected, which probably makes it the “Once” of malware distribution.
Anstis highlights that Storm now accounts for less than 1% of spam, so there is hope that Srizbi will go the same way:
“Microsoft recently announced its success combating the Storm botnet with their Malicious Software Removal Tool. The challenge now is for the security industry to collectively turn its sights on Srizbi and the other major botnets.”
Sadly, yes, we’ll have a New Botnet on the Block by then.
Is Bill Gates some sort of Nostradamus? Eh, no.
Don’t get me started on Nostradamus – all a load of twaddle. But his cult status as the great seer is always useful for a sub-editor who wants to have a bit of fun with a visionary who sometimes gets it wrong.
In 1981 BG, with regard to the amount of memory a home computer would need, was reported as saying “640K ought to be enough for anybody”. I searched Google for that using the 2,097,152K installed on my PC.
Although often denied, there is a suggestion that Gates proclaimed the Internet as a “fad”, saying “The Internet? We’re not interested in it” in 1993. And last week we reported on how Gates claims to avoid monopolies in favour of competition as the EU commissioners responsible for imposing a half-a-billion euro anti-trust fine on the software company did a spit-take to rival Jon Stewart.
But while there are doubts that some of the above is true, it was well documented that Gates claimed that spam would become a thing of the past within two years … um, four years ago.
Australian website SearchSecurity.com.au concisely covers the history and reasons for spam in this fine article.
Doug Bowers of Symantec gets to the nuts and bolts of the problem:
"…in one form or another, spam will continue to exist as long as there are enough people who respond to make it profitable."
I’m off to see what sort of false quotes I can attribute to Bill Gates. Something about him fancying Samantha from Sex and the City seems appropriate.