Global Greetings
The seemingly endless stream of greeting card malware is begining to become tiresome, especially as we discussed it so often on this blog. But I thought I would share one more piece of information on the topic.
As you are probably aware already, the basic approach with this campaign, is to send out spam to a large number of recipients, trying to entice them with various lures, the most popular being ecards to celebrate Labor day, 4th July or just a simple “greeting”.
Each spam contains a link to an IP address and these represent a machine that’s already infected and being used to serve up the malware to anyone that clicks on the link.
As described previously, one of our automation systems (ADoM) monitors our spam traps for this type of spam and then automatically fetchs the malware to ensure we maintain detection. ADoM is actively monitoring over ten thousand infected machines. I decided to take a small sample (around 300) and plot them on everyone’s favourite globe.
I wonder whether the malware author(s) will still be sending us the usual greetings at Chrismas. Judging by the number of infected machines, probably!!
Posted on September 7th, 2007 by Mark Harris, VP of SophosLabsFiled under: General
Windows 7 security - A great leap forward or business as usual?
