Slashdot Mirror

← Back to Stories (view on slashdot.org)

Massive Spam Shot of "Storm Trojan"

Posted by kdawson on from the storm-warning dept.

jcatcw writes "Postini has already counted nearly 5 million copies of the spam in the last 24 hours, and calculated that the run currently accounts for 87% of all malware being spread through email. 'Expect this to grow much larger,' a Postini spokesman said; 'It should top out at 60 million messages within the next 24 hours.' It's the largest attack in the last 12 months, and more than three times the volume of the two biggest in recent memory: a pair of blasts in December and January. The spam carries a ZIP file attachment posing as a patch with subjects such as Worm Alert!, Worm Detected, Spyware Detected!, or Virus Activity Detected."

2 of 260 comments (clear)

  1. Another day in the world of near-monoculture. by jcr · · Score: 5, Interesting

    After all these years of malware on Windows systems, I think it's high time someone took Microsoft to court and at least charged them with contributory negligence. After the Mellissa virus, they can't claim that they don't know the hazard.

    The person to bring this suit would need to be someone who's not a licensee of any MS products, but has suffered losses from their network getting DOS'd by Windows zombies trying to trade copies of the malware of the hour.

    -jcr

    --
    The only title of honor that a tyrant can grant is "Enemy of the State."
  2. Re:Nope by Ilgaz · · Score: 4, Interesting

    I choose to report my spam instead of ignoring so believe or not, I saw a single Canadian IP spamming (sending that worm) to 3 different mailboxes which has nothing to do with eachother. I even added to spamcop.net report comment "Please take care of this IP" and added the kaspersky virus ID. Guess what happened in return? A kind "thank you we took care of it" from Canadian ISP? No, 2 more spams from same IP! :)

    I have checked the senderbase.org entry and it says like 3500% volume increase over 1 day from that IP!

    Still, as old timer I feel uncomfortable posting the IP on web whether it is spammer/worm infected or not. I mean that worm really took off, perhaps the owner of botnet finally accepted the price offered by mob,mafia whatever using it. Yet again, no worries, Clam detects even without opening that password protected zipped junk.