Conficker likely to cause rise in spam levels

Peter Dinham
Thursday, 16 April 2009 15:30

Business IT - Technology

That devil of a Conficker worm that’s never far from the surface these days is likely to cause a significant increase in spam levels over the next three months, according to a report by yet another security firm that’s closely monitoring the worm’s exploits.

This latest ringing of the Conficker alarm bells comes from Commtouch, which warns in its first quarter report for this year, that Conficker could cause a “meaningful rise” in spam levels over the next three months.

Commtouch’s chief technology officer, Amir Levy, warns that new spam detection methods beyond traditional content filtering must be employed to block the flood of spam that the massive botnet created by the Conficker worm is capable of sending.

“Detection based on analysis of patterns is the best tool to block massive spam attacks as these patterns will be created in seconds and the IP addresses of the infected computers will be tracked within minutes.”

With multiple variations of the worm reportedly having infected some 15 million computers around the world already, Commtouch’s research reveals that spam offering loans jumped to the top of the list of top spam topics, with 28% in the first quarter, and that, according to Commtouch, is possibly reflective of the global economic situation.

Commtouch also reports that users of social networking sites were targeted by new, more complex phishing attacks in recent weeks, while computers, technology sites and search engines/portals were among the top 10 Web site categories infected with malware and/or manipulated by phishing.

The security firm also says that Brazil continues to lead in zombie computer activity, producing nearly 14% of active zombies for the quarter; and, spam levels averaged 72% of all email traffic throughout the quarter and peaked at 96% of all email messages in early January, then bottomed out at 65% in February.

Also revealed by Commtouch’s research is that spammers attacked large groups of an ISP’s users and moved to the next ISP in a targeted spam outbreak, while an average of 302,000 zombies were activated each day for the purpose of malicious activity.