What Malware can teach Spam

spamThe world of spam shows an ‘ebb and flow’ pattern. New techniques to evade spam filters arrive, drive an increase in spam, the anti-spam tools react to it and the level and effectiveness falls back to a ‘normal’. Google have been commenting that, maybe, the spammers are running out of new and original ideas. The second quarter of 2009 saw a substantial 53 per cent increase in average spam levels from the first quarter. However, Google said in a blog post that many of the new attacks were simple rehashes of attacks that occurred in the past.

We ourselves have noticed in the past few months the reemergence of some old tactics, notably image spam. There is nothing revelatory in the application of old techniques and their refurbishment and use in a new context. This is an area wherein spam and malware show similarities. In the world  of malware, if an attack found itself to be successful, we would see it being reused or adapted to extend its usefulness. The ‘Storm’ trojan being a good recent example of this. Every other month, it seemed that there was a ‘new’ variant of it that kept it alive – over two years down the line it was still going. Even ‘Conficker’ morphed and changed over the months to help prolong itself. In terms of old techniques being reused, Conficker borrowed from the worms of the past, that made use of floppy-disks and reapplied this in the form of USB thumb drives. So, unfortunately, the world of spam looks to have borrowed some lessons from malware. Twenty years later, we are still fighting malware and fighting more of it than we could ever have imagined.

July 3, 2009 | Filed Under Security, Spam 

comments

Leave a Reply