Newsletter International Q1 2011

A new Botnet in eastern europe and an old acquaintanc

antispameurope reports several spam attacks from Eastern Europe and Central Asia


Several waves of spam are currently sweeping over the internet. antispameurope has lready recorded an increased frequency of spam emails, primarily from the Russian and Central Asian areas. These are predominantly advertisements for marriage bureaux, online casinos and travel agencies. The Hanover security specialists have also recognized an old acquaintance: Canadian Pharmacy is an organization that has been sending unwanted mails for many years and now appears to have become active again. While they previously oncentrated on Viagra advertising, the current wave of spam now includes identical advertising emails linked to software purchases.

 

The spam waves from Eastern Europe and Central Asia in particular suggest that the senders have adopted a new strategy. A greatly increased number of emails have landed in the antispameurope quarantine area, always at the same time of day. The systems from which these spam emails were originated have not previously been blacklisted. By contrast to the previous attacks, only a relatively small number of systems were used for this attack. “The spammers have presumably built up new botnets in recent months,” says Olaf Petry, head of IT operations at antispameurope. “They are now using the newly-hijacked systems to creep into user mailboxes. Because of the relatively small number of systems being used, this spam wave will probably also last longer than in the past.”

 

The emails from Canadian Pharmacy fell initially as a result of an increase in virus warnings. The background: as long as six months ago, antispameurope security experts added hijacked systems to their database, since these were set up to generate drive-by downloads as well. Now the system flagged them up again, but this time the addresses were simply being misused for forwarding to advertising pages, though this could change at any time. “In the case of Canadian Pharmacy, it is important to note how professionally the supposedly official web pages are designed, giving the recipient the impression of a high degree of professionalism,” Olaf Petry adds. “This shows once again that healthy skepticism on the part of internet users is insufficient. Only technical solutions offer effective protection.”