Spammers are taking particular advantage of the heightened interest in health-related issues like swine flu and healthcare reform to distribute large shortened-URL spam runs using the Donbot botnet, according to Symantec’s MessageLabs.
“In August, the ongoing abuse of shortened-URLs as a delivery mechanism resulted in a number of legitimate URL-shortening services being forced to close their businesses due to their inability to handle the malicious use of their tools,” a spokesperson for MessageLabs says. Here are a couple of screenshots from such services:
Shortened URLs have created a huge breeding ground for spammers, but cybercriminals have plenty of other methods of spreading ill will. MessageLabs shars a few other threats from August that they say should be on your radar:
– Cutwail’s nine lives: On August 1st, Latvian ISP Real Host was shutdown, causing Cutwail’s activity levels to drop by 90 percent. However, it only took Cutwail a matter of days to recover, demonstrating just how powerful and intelligent this botnet has become.
– DDoS attacks on social networks: A number of social networking websites were recently reported to be victims of DDoS attacks. MessageLabs found that the attacks may be linked with a spam run against an anti-Russian blogger. MessageLabs Intelligence suggests that this small but strategic spam run contributed to the DDoS attacks on these social networking sites. A botnet was also used to conduct the DDoS attack in parallel, with compromised computers under the botnet’s control commanded to open the page of the targeted social networking website.
– Old malware comes back to haunt us: MessageLabs Intelligence analysis highlights how cybercriminals are three times as likely to favor repurposing malware across numerous domains rather than developing new tactics. In August, analysis of malware being blocked each day highlights that only 11.9 percent was newly developed malware.
MessageLabs has a report covering the month of August in threat trends here(pdf). It talks about how one in 296.6 emails contained malware, but there have actually been decreases in spam, phishing, and blocked malware sites.
