NEWS: Symantec Announces May 2010 MessageLabs Intelligence Report
Symantec has published its May 2010 MessageLabs Intelligence Report. It contains some useful information about botnets use of URLs in spamming:
While Rustock is the botnet that uses the greatest number of disposable domains, Storm, which has recently returned to the spamming scene, is the only botnet that uses genuine domains in greater number than disposable domains.
and the growth of spam originating in eastern Africa, most notably from Kenya, Rwanda and Uganda.
Historically, broadband adoption has been a tipping point for spammers to acquire more bots. The new undersea fiber optic cable along the east coast of Africa has enabled rapid growth in the number of users obtaining high-speed connections to the internet creating a great opportunity for attackers to infect new machines and create new bots.
Paul Wood, MessageLabs Intelligence Senior Analyst
But the bit that caught my eye was the first captured malware attack featuring the world cup.
Once downloaded and activated, the malware produces files that generate pop-up messages and in the background collects information on what other machines are on the same network enabling the attacker further access to the compromised computer.
This is just the beginning. There will be many more over the next few weeks.