The Washington Times - May 1, 2008, 02:04PM
MessageLabs, [a] l… provider of messaging and web security services to businesses worldwide, today announced the results of its MessageLabs Intelligence Report for April 2008. Analysis shows that during April, the Storm botnet has dramatically decreased to just five percent of its original size, whilst web-based malware has increased by 23.3 percent.\ \ \ The introduction of new malicious software removal tools, which are aimed at targeting and removing Storm infections, are deemed responsible for the sudden reduction in Storm-infected machines, now estimated at approximately 100,000 compromised computers. Previously estimated at two million, the decline in Storm’s botnet size is evident by the 57 percent decrease in malware-laden emails distributed\ by the Storm botnet during April.\ \ \ Whilst the Storm botnet decreased in size, analysis of web-based malware identified that 36.1 percent of interceptions in April were new, an increase of 23.3 percent since March. MessageLabs also identified an average of 1,214 new websites per day harboring malware and other potentially unwanted programs such as spyware and adware, an increase of 619 per day compared with the previous month.\ \ \ “April was a month of unpredictability with the mighty Storm botnet losing all but five percent of its anonymous army and web-based malware reaching new levels,” said Mark Sunner, Chief Security Analyst, MessageLabs. “This month we find ourselves fighting the cybercrime battle on many fronts, with the bad guys using an arsenal of weapons in order to detonate spam, viruses, phishing attacks and targeted Trojans, making it more important than ever to have a strong security shield in place.”\ \ \ On the cusp of the 30th anniversary of the first spam message, MessageLabs identified a new spamming technique being used to send authenticated spam email via Yahoo!’s SMTP servers. This spam attack accounts for one percent of all spam intercepted in April and has been used to advertise services for Canadian Pharmacy, a well-known spam operation. By using the SMTP server and a DomainKeys Identified Mail (DKIM) authentication technique, the spammers can ensure that the email generated is harder to block based on traditional anti-spam methods.\ \ \ In addition, MessageLabs Intelligence reported targeted attacks reaching new heights this month, with MessageLabs intercepting approximately 70 targeted Trojans per day, an increase of 250 percent on the December 2007 levels of 28 per day. Leveraging interest in the Beijing 2008 Olympics Games, MessageLabs has intercepted 13 separate Olympic themed attacks over the past six months which use legitimate-sounding email subject titles, such as “The Beijing 2008 Torch Relay” and “National Olympic Committee and Ticket Sales Agents”. Some attacks purported to be from the International Olympic Committee, based in Lausanne Switzerland, however in reality all of the attacks but one were sent from an IP address within [the] Asia Pacific\ [geographic region].\ \ \ Finally, MessageLabs has uncovered a new way that scammers are abusing professional social networking sites like Linked-In. For the first time, they are taking advantage of these sites to lend legitimacy to Nigerian 419 advance fee fraud scams by creating profiles with false credentials that pertain to the business involved in the\ scam.
Internal Revenue Service SEE RELATED:


— Mark Kellner, The Washington Times