SPAM swapped for viruses in my inbox

Status
Not open for further replies.

Per Hansson

Staff member
During the last few weeks I seem to be getting less and less SPAM in my e-mail, and this you would think is good. But when it in fact gets replaced by viruses it is not, especially not since the viruses are much larger per e-mail than regular SPAM e-mails.

It all started like an ordinary virus with the latter "Bagle.A" on January the 18th... fast forwarding to the current day we have "Bagle.S", yes that is 20 versions of the same virus in 2 months! I keep track of these viruses via F-Secure's Weblog, where F-Secure antivirus staff post details on the latest viruses as they find them. These viruses install backdoors that are used for sending SPAM from the affected computers; this backdoor allows the virus writers full control over infected PCs, they can update their viruses and install software on those computers...

There has also been a new virus just released that works similarly to the old Slammer worm; this one is called Witty but only infects computers with the Black ICE software. ISS Advisories. It would seem that this indeed is starting out as the year of the Superworm.
 
I have also noticed a large increase in viruses in my email, mainly the W32.Netsky.B@mm.
Before I was only getting one a month, now it's up to 2+ a day :(
 
Same for me.
I use my business address rarely and only for business.
I have never received any spam nor any viruses. Now, although it is still spamless, I get this W32.Netsky.B@mm virus about once a day.

When will these virus writers become extinct? :)
 
When will these virus writers become extinct?

It will happen sometime after we enforce the laws of natural selection and shoot all unknown email attachment opening/Outlook using *****s on the spot. Wiping out Microsoft and all Windows installations in the world would do the trick also. You decide which is easier :p
 
My university has some antigen software or something on its end, so when all this Bagle crap came out at first it didn't catch it, but within a day every time I'd get one it would just be the e-mail with the zip removed and replaced with a text file saying what was removed. So perhaps if ISPs would provide end filtering like my University does, the severity of this issue would be decreased substantially.
 
The problem is that an ISP can't block password protected .zips because there are quite many legit encrypted archives moving around and in most cases the sysadmins are too stupid/too lazy/unable to define the bagle letters in spam filter rules. Not to mention that the number of spam filtering capable mail servers is even lower than the minuscule amount of AV-enabled email gateways.
 
Our mailscanner at work detects viruses in encrypted e-mails.

I think most large virus scanners have figured out how to do it...
 
You mean there is an easy and efficient way to look at data inside encrypted zip files? What's the point in encrypting the damn things in the first place? :p

Most likely the mailscanner just blocks all encrypted zips or it has some custom rule definition possibility where you can put in the characteristics of a virus mail and let it block those.
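
A sketch of the rule-based filtering described in the post above, as an added example that is not part of the thread and not any mail scanner's actual code: traditional ZIP encryption leaves entry names and the "encrypted" flag readable without the password, so a gateway can apply policy to them. The extension list, function names and verdict labels are assumptions made for illustration.

```python
import io
import zipfile
from email import message_from_bytes
from email.message import EmailMessage

RISKY_EXT = (".exe", ".scr", ".pif", ".com", ".cpl")  # assumed policy list

def inspect_zip(data):
    """Return (encrypted, names) using only the unencrypted central directory."""
    with zipfile.ZipFile(io.BytesIO(data)) as zf:
        infos = zf.infolist()
    return any(i.flag_bits & 0x1 for i in infos), [i.filename for i in infos]

def verdict(raw_message):
    """Gateway decision for one message: 'block', 'quarantine' or 'pass'."""
    result = "pass"
    for part in message_from_bytes(raw_message).walk():
        payload = part.get_payload(decode=True)
        if not payload or not payload.startswith(b"PK\x03\x04"):
            continue
        try:
            encrypted, names = inspect_zip(payload)
        except zipfile.BadZipFile:
            return "quarantine"   # malformed archive: do not deliver unscanned
        if encrypted and any(n.lower().endswith(RISKY_EXT) for n in names):
            return "block"        # password-protected executable
        if encrypted:
            result = "quarantine" # may be legitimate: hold, do not drop
    return result

def sample_message(member, encrypted):
    """Constructed test input: a mail carrying a one-file zip."""
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as zf:
        zf.writestr(member, b"placeholder bytes, not real content")
    data = bytearray(buf.getvalue())
    if encrypted:
        # Set general-purpose flag bit 0 by hand to mimic an encrypted entry
        data[6] |= 1                               # local file header
        data[data.find(b"PK\x01\x02") + 8] |= 1    # central directory header
    msg = EmailMessage()
    msg["Subject"] = "constructed sample"
    msg.set_content("see attachment")
    msg.add_attachment(bytes(data), maintype="application",
                       subtype="zip", filename="a.zip")
    return msg.as_bytes()
```

Unencrypted archives return "pass" here because their contents can be handed to a normal content scanner; this check only covers the case where the contents cannot be read.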
 
My ISP blocks them as well, has been since right after that bagle crap, and it doesn't block all encrypted zip files.
 
Originally posted by Nodsu
Most likely the mailscanner just blocks all encrypted zips or it has some custom rule definition possibility where you can put in the characteristics of a virus mail and let it block those.
No, I tried sending an encrypted virus through our mailscanner that I got to my Techspot mail and it sent back an e-mail telling me what type of virus it found inside the encrypted file...
 
The only viruses I got in my mail were years ago: M$ security bulletins with fake attached hotfixes in my Yahoo mailbox.

I just receive MORE spam these days... ARRRRGH!!! (Almost 20 a day)
Strange thing too, the amount of SPAM is proportional to the number of other messages I receive at the same time. If I get absolutely no other mails, I get no spam. If I'm in one of the days I get 80 messages, there are 10 spam mails.
 