Massive Spam Shot of "Storm Trojan" 260
jcatcw writes "Postini has already counted nearly 5 million copies of the spam in the last 24 hours, and calculated that the run currently accounts for 87% of all malware being spread through email. 'Expect this to grow much larger,' a Postini spokesman said; 'It should top out at 60 million messages within the next 24 hours.' It's the largest attack in the last 12 months, and more than three times the volume of the two biggest in recent memory: a pair of blasts in December and January. The spam carries a ZIP file attachment posing as a patch with subjects such as Worm Alert!, Worm Detected, Spyware Detected!, or Virus Activity Detected."
Comment removed (Score:5, Interesting)
maybe the problem... (Score:2, Interesting)
...is that malware has better installation instructions than any of our other software. When people see documentation, it's like a dream come true!
Ah... disillusionment. :-)
Mail server filters (Score:3, Interesting)
Re:Too much privilege! (Score:3, Interesting)
Lets say there was no laws governing seat belts. And theoretically after seat belts where already in wide use among the new.. flying cars that a few people drove. Fly Systems finally invents the flying cars for the average Joe. It really takes off and now almost everyone has a Fly System car, but Fly Systems REFUSES to sell cars with seat belts, despite a market demand. Sure you can buy add-in seat belts but they never work just right.. Would Fly Systems be partially liable?? I don't know but its an interesting legal question.
Inoculation (Score:2, Interesting)
A good campaign of email virus inoculation should do the trick. Start a series of spam which looks exactly like a virus, but just puts up a "If this were a virus, you'd have just infected yourself!" message, thus training users to just don't open it!
Possibly add a link or button (perhaps labeled "Click Me!") which puts up a follow-up message for the especially thick user: "For heaven's sake, you're just making it worse. Quit clicking these things!"
A day in the life of a spam filter (Score:3, Interesting)
Re:Nope (Score:3, Interesting)
I hope you are right, because I have had an epiphany and am now one of those who decry the "clueless users/lusers" responsible for letting their machines become infected and recruited into botnets.
I used to have sympathy for them, but as botnets proliferate and my mail servers get pounded even harder by spam et al, that sentiment is becoming harder to conjure up.
I am on the verge of joining the "computer users should be licensed" ranks.
[sigh]
Re:Another day in the world of near-monoculture. (Score:3, Interesting)
I thought I'd be a smart-ass and show you that it didn't run on Linux. But, damn! I have Wine installed.
Re:computer IQ test? (Score:2, Interesting)
You didn't specify a base.
Re:Nope (Score:5, Interesting)
I have checked the senderbase.org entry and it says like 3500% volume increase over 1 day from that IP!
Still, as old timer I feel uncomfortable posting the IP on web whether it is spammer/worm infected or not. I mean that worm really took off, perhaps the owner of botnet finally accepted the price offered by mob,mafia whatever using it. Yet again, no worries, Clam detects even without opening that password protected zipped junk.