Malware delivered via email grew by 400 percent in the last week of March 2011, with the spike detected two weeks after the takedown of the Rustock botnet, according to a quarterly report by Commtouch.
The Internet Threats Trend Report, which covers spam, phishing, malware and web threats, said while overall spam activity dropped around the New Year, it had a dramatic rise after the holidays. For the first three months of 2011, spam averaged 168 billion emails per day. After the elimination of Rustock, spam decreased to an average of nearly 119 billion messages daily.
Following the Rustock takedown, zombie activity also dropped significantly, but large increases of enslaved computers became evident in the wake of the malware outbreak at the end of the quarter.
The period between January and March 2011 saw various methods to distribute malware:
- Mass mailings of “parcel tracking information“ purporting to come from UPS and DHL accounted for 30 percent of all emails sent during the peak of the outbreak
- Facebook chat messages from hacked user accounts led to bogus Facebook apps and viruses
- PDFs with embedded script malware mimicked Xerox-scanned documents
- The “Kama Sutra“ virus tempted recipients with an explicit PowerPoint presentation
The report also describes attempts by spammers and phishers to save money by hiding their online presence in disused forums or using online form-filling services to ease the collection of phished user data.