Symantec’s latest MessageLabs Intelligence Report – unveiled today – is scary stuff. Botnets continue to be a major cause for concern, particularly Cutwail, which has been in operation for months.
Courtesy of MessageLabs:
MessageLabs Intelligence reports seeing a dramatic rise in volume of the Bredolab Trojan being sent by the Cutwail (Pandex) botnet. Bredolab is a Trojan that arrives in the form of a zip file attachment to an email with a subject referring to postal tracking numbers (as in the sample email below) and is designed to give the sender complete control of the target computer.
The email prompts the recipient to open and run the attachment, which automatically installs the Trojan. Once installed, it attempts to disable the host-based security and then facilitates downloading other malicious content.
“By nature, once this Trojan is on a system, it is unlikely to be detected and will allow the controller to do whatever they wish with the infected machine, such as installing other malware and spyware,” said MessageLabs Intelligence Senior Analyst, Paul Wood, Symantec Hosted Services.
Currently, the most common form of malicious file type attachments are zip files, owing to the large scale of this latest threat. Zip files are a common file format and have often been used for sending malware in the past, but are often used legitimately too.
There is no indication that a zip file attachment represents an increased likelihood of a file being malicious; however, most businesses are unlikely to use zip files as part of their typical email correspondence.
MessageLabs Intelligence has seen the percentage of spam relating to the Bredolab Trojan steadily increasing in recent months, reaching its highest level in October (to date). It currently accounts for 3.5 percent of all spam and 5.6% of all malware intercepted each day.
So far in October, approximately 3.6 Billion Bredolab malware emails are likely to be in circulation each day, worldwide.
Earlier this year, MessageLabs reported on the battle of the bots, in which Donbot, Cutwail and Mega-D were all vying for the top spot.
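An added example (not from MessageLabs or the original post): because a zip attachment on its own is not a sign of malice, a mail filter can look inside the archive and flag only zips that carry a directly runnable file. The extension list, the addresses and the sample messages are assumptions constructed for illustration.

```python
import io
import zipfile
from email import message_from_bytes
from email.message import EmailMessage

# Extensions treated as directly runnable on Windows (assumed policy list).
EXECUTABLE_EXTS = (".exe", ".scr", ".pif", ".com", ".bat", ".cmd")


def risky_zip_members(raw_message: bytes) -> list[str]:
    """Return 'attachment: member' for executables inside zip attachments."""
    hits = []
    msg = message_from_bytes(raw_message)
    for part in msg.walk():
        name = (part.get_filename() or "").lower()
        if part.is_multipart() or not name.endswith(".zip"):
            continue
        payload = part.get_payload(decode=True) or b""
        try:
            with zipfile.ZipFile(io.BytesIO(payload)) as zf:
                members = zf.namelist()
        except zipfile.BadZipFile:
            # An archive the filter cannot read cannot be cleared either.
            hits.append(f"{name}: unreadable archive")
            continue
        hits += [f"{name}: {m}" for m in members
                 if m.lower().endswith(EXECUTABLE_EXTS)]
    return hits


def build_sample(member_name: str, content: bytes) -> bytes:
    """Constructed test message with one zip attachment (not a real sample)."""
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as zf:
        zf.writestr(member_name, content)
    msg = EmailMessage()
    msg["From"] = "sender@example.com"
    msg["To"] = "user@example.com"
    msg["Subject"] = "Constructed sample: tracking number 0000"
    msg.set_content("See attachment.")
    msg.add_attachment(buf.getvalue(), maintype="application",
                       subtype="zip", filename="label.zip")
    return msg.as_bytes()


if __name__ == "__main__":
    print(risky_zip_members(build_sample("label.exe", b"MZ placeholder")))
    print(risky_zip_members(build_sample("report.csv", b"a,b\n1,2\n")))
```

A zip holding only a document or spreadsheet passes untouched, so legitimate use of the format is not blocked.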