 |  |  |  |  |  |  |  |
The 2008 Cybercrime Naughty List
MessageLabs Intelligence data reveals that, in an announcement that will probably come as no shock to anyone who actually uses the Internet, the average spam level for the year managed to hit 81.2 percent. Perhaps a little more surprisingly, especially given the number of security vendor warnings throughout 2008, malware levels only managed to average out at 0.7 percent or just 1 in 143.8 messages.
MessageLabs, recently acquired by Symantec, has also released a Top Cybercrimes of 2008 list which serves to showcase the most notable of these malware attacks.
The Storm worm was certainly among the most aggressively spreading of malware attacks we saw during 2008, leading to the formation of one of the biggest botnets ever seen. How big? How does something in the region of 2 million compromised computers grab you?
Meanwhile, search engine spam also took hold during the year, with spammers abusing those search engine redirects which enabled them to include a link from a genuine query within an email message. Of course, the link then resolves to the spammers forged web site to allow them to bypass many traditional anti-spam detection mechanisms. After all, 'legitimate' search engine sites will not usually be flagged as malicious.
Who can forget all the stories about CAPTCHA getting broken? It all started back in February with webmail CAPTCHA systems getting cracked, although the hackers did not stop there and as MessageLabs says "as 2008 wore on, CAPTCHA breaking techniques continued to increase in sophistication and became the key to the spamming kingdom."
Targeted Trojans are nothing new, but 2008 saw a number of new versions which managed to evade anti-virus systems courtesy of code variations. Perhaps the most memorable being those that spoofed a U.S. consumer advocacy site as well as the Olympic games organizers.
In general, Web-based malware has continued to be a pain in the ass with the number of new and malicious sites being blocked increasing by more than 90 percent in July. Unfortunately, the surge seems to be linked to nothing newer than old fashioned SQL injection attacks. Sigh.
It was in May, though, that spammers discovered what was perhaps the perfect way to spam: links to hosted online documents created under accounts with a major hosted applications service provider, which simply were not blocked by traditional spam filters. Oh, and we cannot forget the Srizbi effect which resulted in some 1.3 million computers getting infected and accounted for at least 50 percent of all spam in 2008.
However, when it came to news in 2008 there really was no escaping the whole Obama thing. Sadly, there was no escape when it came to Obama spam either. "Political spam was rampant" reports MessageLabs, with the Barack Obama name being used to lure recipients’ attention. The first spam cluster purported to sell watches or pills but spoofed email addressed from the following domains: barackobamaismyhomeboy.com and barackobamaisyournewbicycle.com, a popular website that intended to honor the presidential candidate’s altruism. The second run of Obama-related spam foreshadowed the outcome of the election using Obama subject lines 85 percent of the time and subject lines with McCain references 15 percent of the time.
MessageLabs, recently acquired by Symantec, has also released a Top Cybercrimes of 2008 list which serves to showcase the most notable of these malware attacks.
The Storm worm was certainly among the most aggressively spreading of malware attacks we saw during 2008, leading to the formation of one of the biggest botnets ever seen. How big? How does something in the region of 2 million compromised computers grab you?
Meanwhile, search engine spam also took hold during the year, with spammers abusing those search engine redirects which enabled them to include a link from a genuine query within an email message. Of course, the link then resolves to the spammers forged web site to allow them to bypass many traditional anti-spam detection mechanisms. After all, 'legitimate' search engine sites will not usually be flagged as malicious.
Who can forget all the stories about CAPTCHA getting broken? It all started back in February with webmail CAPTCHA systems getting cracked, although the hackers did not stop there and as MessageLabs says "as 2008 wore on, CAPTCHA breaking techniques continued to increase in sophistication and became the key to the spamming kingdom."
Targeted Trojans are nothing new, but 2008 saw a number of new versions which managed to evade anti-virus systems courtesy of code variations. Perhaps the most memorable being those that spoofed a U.S. consumer advocacy site as well as the Olympic games organizers.
In general, Web-based malware has continued to be a pain in the ass with the number of new and malicious sites being blocked increasing by more than 90 percent in July. Unfortunately, the surge seems to be linked to nothing newer than old fashioned SQL injection attacks. Sigh.
It was in May, though, that spammers discovered what was perhaps the perfect way to spam: links to hosted online documents created under accounts with a major hosted applications service provider, which simply were not blocked by traditional spam filters. Oh, and we cannot forget the Srizbi effect which resulted in some 1.3 million computers getting infected and accounted for at least 50 percent of all spam in 2008.
However, when it came to news in 2008 there really was no escaping the whole Obama thing. Sadly, there was no escape when it came to Obama spam either. "Political spam was rampant" reports MessageLabs, with the Barack Obama name being used to lure recipients’ attention. The first spam cluster purported to sell watches or pills but spoofed email addressed from the following domains: barackobamaismyhomeboy.com and barackobamaisyournewbicycle.com, a popular website that intended to honor the presidential candidate’s altruism. The second run of Obama-related spam foreshadowed the outcome of the election using Obama subject lines 85 percent of the time and subject lines with McCain references 15 percent of the time.
Similar Threads
- News Story: A world of Cybercrime, and how it affects you (Viruses, Spyware and other Nasties)
- Cybercrime - The New Battleground (Web Development Job Offers)
- Naughty or Nice (Geeks' Lounge)
- Hi All you naughty Boys and Girls (Community Introductions)
- I'm naughty but need your help! (Web Browsers)
| Thread Tools | Search this Thread |
You need to join our community in order to build your list of favorite forums. You can visit the forum index for a listing of all forums.
Related Forum Features
Latest Network Security Posts
- Today's Posts
- Unanswered Threads
advertising age amd android apple avatar bluegene botnet browser business cellphone censorship china chips copyright crime data database development dos downloads economy email encryption energy enterprise facebook firefox gadget games gaming google government hacker hacking hardware ibm ibm.news intelibm internet iphone ipod itunes law legal linux mac malware marketing mcafee medicine memory microsoft mobile mozilla music news openoffice opensource os pc phishing piracy porn privacy ps3 recession redhat report research russia search security sex socialnetworking software spam spyware sun supercomputer supercomputing survey technology trends trojan twitter ubuntu uk video virus vista web windows windows7 working worm x86 xbox yahoo youtube
