Weekly News via Email
   Set as homepage | Add to favorites | Customer Service | Subscribe Now | Place an Ad | Contact Us | Sitemap Wednesday, 08.27.2014
Classifieds
News Archive
Su Mo Tu We Th Fr Sa
 1  2  3
 4  5  6  7  8  9  10
 11  12  13  14  15  16  17
 18  19  20  21  22  23  24
 25  26  27  28
Online Extras
Site Services
Around Bend
Outdoor Fun
Travel Info
Shop Local




Members Of



Poll: Today's Live Poll
Email to a friend | Print this | PDF version | Comments (0 posted) 
  Blogger |   del.icio.us |   digg |   newsvine

Feb 02,2007
Second massive email virus attack in one month portends explosive growth in fraud, theft, spam and viruses
by Bend Weekly News Sources

Postini, the global leader in on-demand communications security, compliance and productivity solutions for email, instant messaging and the web, announced Monday that hackers and spammers are raising their onslaught in 2007 as witnessed by two massive, global email-borne virus attacks which took place from December 29 to December 31, 2006 and again from January 19 to January 21, 2007. Each of these attacks was so large that they drove up the level of viruses on the Internet up by a factor of 20 over usual activity.

Both attacks were designed to steal personal information and hijack the recipient's computer to add to ever growing "bot-nets" - massive networks of infected personal computers used to distribute spam and virus attacks. The size and sophistication of these back to back attacks implies that spam and virus levels on the Internet, which are already at all-time highs, will continue to rise as newly hijacked computers are brought into action and begin spewing even more spam and viruses.

This latest attack has become known as the Storm worm because the original email subject line was, "230 dead as storm batters Europe". At the time of the email, there in fact was actually a heavy winter storm occurring in Europe. This is the latest example of the attackers' sophistication and real- time capabilities, launching the attack and timing it to coincide with real news about the storm. The email that contained the virus frequently mutated to show dozens of different fake, sensational but believable headlines designed to tempt the reader into clicking on an attachment and thus infecting their computer. Other subjects included, "Russian missile shot down USA aircraft" and "Saddam Hussein alive!"

The infectious email had a file attachment that contained a trojan horse virus known as Downloader-BAI or AUTH-W32/Downloader. If a person clicks on the attachment, their computer will become infected with the virus which then attempts to send personal information (including email addresses, financial information and credit card information) from that computer back to the hackers who created the virus. They can then use this information for identity theft or sell it to others. The virus also provides a back-door for hackers to take control of the computer and add it to a bot-net to be used in future spam and virus attacks. This attack also illustrated the escalating vicious cycle of spam and viruses being fueled by and creating bot-nets. The virus was distributed by email, which was sent from bot-net zombies that had been infected by previous email-borne viruses and the intent of the virus was to infect even more computers and turn them into larger bot-net zombie network to use in future spam and virus attacks. The email subject, content and virus all mutated many times over the course of the outbreak in an attempt to evade detection. Anti-virus engine providers had to issue several signature updates throughout the outbreak.

As the virus attack began, Postini's PREEMPT email protection service immediately began blocking the worm. Over the three day period, Postini stopped more than 29 million infected messages from reaching the 36,000 businesses Postini provides email security services for. On January 20, 2007 alone, Postini blocked almost 17 million infected email messages, nearly 20 times the average daily virus volume in 2006.

The January 2007 Storm worm follows on the heels of another email-borne virus, the Happy New Year worm, which attacked the Internet in late December 2006. The Happy New Year worm contained a subject line and an attachment exploiting the expectations of legitimate postcards and greetings from friends and families. The infected attachment contained numerous strains of malicious code (including Tibs, Nuwar, Banwarum, and Glowa) as well as two root kits designed to hide the presence of the malicious code from anti-virus scans. Ultimately, the goal of the Happy New Year worm was to create more zombie computers that could be added to bot-nets and used for additional spamming and other attacks.

Starting on December 28, 2006, Internet virus volumes began to dramatically increase and Postini PREEMPT email protection began blocking infected messages. At the peak of the outbreak on December 30, 2006, Postini blocked 19.5 million messages infected with the Happy New Year worm and its variants.

These two attacks were by far the largest to occur in the past 12 months. "The explosion of bot-nets, millions of infected computers controlled by malicious actors around the world, has changed the balance of power in the world communications security," said Daniel Druker, executive vice president of marketing at Postini. "As Valentines Day approaches, email users should continue to keep their guard up, as there are already new mutations of the Storm worm with love-related subject lines."
1489 times read

Related news
Secure Computing warns of new security threat by Bend_Weekly_News_Sources posted on Feb 28,2007

Justice Department alerts public about fraudulent spam email by Bend_Weekly_News_Sources posted on Jun 29,2007

'Conficker.c' computer worm threat doubted by UPI posted on Mar 31,2009

Bird flu likely behind death in Indonesia by UPI posted on Oct 05,2007

West Nile Virus May Arrive in Oregon This Year by Bend Weekly News Sources posted on May 17,2006

Did you enjoy this article? Rating: 5.00Rating: 5.00Rating: 5.00Rating: 5.00Rating: 5.00 (total 18 votes)

Market Information
Breaking News
Most Popular
Most Commented
Featured Columnist
Horoscope Guide
Aquarius Aquarius Libra Libra
Aries Aries Pisces Pisces
Cancer Cancer Sagittarius Sagittarius
Capricorn Capricorn Scorpio Scorpio
Gemini Gemini Taurus Taurus
Leo Leo Virgo Virgo
Local Attractions
Bend Visitors & Convention Bureau
Bend Visitors & Convention Bureau

Mt. Bachelor Resort
Mt. Bachelor Resort

Les Schwab Ampitheater
Les Schwab Ampitheater

Deschutes County Fairgrounds
Deschutes County
Fairgrounds

Tower Theatre
Tower Theatre

The High Desert Museum

Advertisements



Deschutes County

Google  
  Web    BendWeekly.com
© 2006 Bend Weekly News
A .Com Endeavors, Inc. Company.
All Rights Reserved. Terms under
which this service is provided to you.
Please read our Privacy Policy. Contact us.
Bend Weekly News & Event Guide Online
   Save the Net
Advertisement
External sites open in new window,
not endorsed by BendWeekly.com
Subscribe in NewsGator Online
Add to Google Add to MSN Add to My AOL
What are RSS headlines?