So a pair of friends of mine have an ‘investment club’ in which we put some money together to own some stock, trading them and theoretically making a profit. Of course, predictably enough we started our little club just before the subprime crisis struck, and now everything we have bought is bleeding out the proverbial ass. It’s really encouraging!

One such stock that we own currently is an OEM security software distributor that sends out perioic “State of Internet Security” bulletins to its shareholders, for some reason. I found this IMMINENT PLZ READ bulletin to be quite exceptional:

(Commtouch Releases Year-End Email Threat Report Massive, Indestructible Zombie Networks Threaten Internet)

SUNNYVALE, Calif., Jan 08, 2008 (BUSINESS WIRE) — Commtouch(R) (Nasdaq:CTCHD) today released its 2007 Q4 Email Threats Trend Report, based on the automated analysis of billions of email messages weekly. The report examines recent trends in email threats such as the growth and development of zombie botnets that disseminate a range of Internet threats including spam, malware, phishing and distributed denial of service (DDoS) attacks.

Highlights of the report include:

— Global spam levels remain high, reaching 96% of all email at its peak during the quarter

— Blended threats combined email, malware and malicious websites

— “Storm Worm” botnet caused numerous outbreaks throughout the quarter, including several new spam formats and blended-threat emails

— 70% of spam messages at the end of Q4 featured sexual enhancement products

Storm Botnet: Massive, Cunning and Aggressive

Throughout Q4 the so-called “Storm Worm” botnet was responsible for numerous outbreaks, including MP3 spam, in which an audio stock pump-and-dump message was distributed as an .mp3 email attachment. During outbreak peaks, MP3 spam accounted for 7-10% of all global spam.

Like all botnets, Storm is made up of a massive global network of PCs infected with malware that gives the botmaster remote control. Though end-users are not likely to notice they have been infected, the botmaster can use the hijacked computing power to generate and send spam and malware, host malicious websites, and even perform DDoS attacks. Traditional anti-spam, anti-virus and IP blocking technologies are unable to keep pace with the dynamic activation and deactivation of the endless number of dynamic IPs.

“Botnets were the culprits in all types of malicious activity during 2007,” said Amir Lev, Commtouch’s president and chief technology officer. “Zombies and in particular the Storm botnet are so cunning about hiding their control channels, the only effective way to protect against them is to dynamically detect and block malicious zombie IP addresses.”

Holiday-related Threats Sour the Season

Q4 was particularly hard-hit by wave after wave of holiday-themed email threats. From October through New Year’s, cyber criminals took advantage of goodwill and celebratory moods to slip past security solutions and into inboxes. Halloween ushered in the season with a blended-threat campaign promising an entertaining “dancing skeleton,” but instead delivered users to a malicious website that infected them with malware. Next a Thanksgiving spam outbreak was sent with Subject lines offering everything from dates to diets. Christmas delivered a holiday-themed blended-threat email including a link to a site that attempted to download new variants of the Storm malware.

More details, including samples of spam and blended-threat email containing
malware and links to malicious websites, are available in the Commtouch 2007 Q4 Email Threats Trend Report, available from Commtouch Labs at:

So basically, the state of internet security and malicious attack email occurance is effectively business as usual. I mean really, I’ve been receiving “GR3ETING CARD FOR U” emails for years now, and spam in general is about as ubiquitous as it ever was. However, the bots, those goddamn bots, they’re quite the nuisance. What with their creating fake profiles on my forum every so often, posting about viagra or porn or whatever, forcing me to take 31 seconds to delete any and all evidence that they ever existed. I’m sure for a web forum with thousands of users this could pose a problem, but then again most websites worth 2 pennies probably have a number of people concentrating on such issues.

I digress. The bottom line is the same as it has always been, and will always continue to be: don’t click on shit that’s in broken english or from someone you don’t know. Is that really so hard? Apparently.

Leave a Reply

Your email address will not be published. Required fields are marked *