Pirates, Bunnies and Worms

As part of this blog, I plan on providing a weekly summary of what’s been happening in SophosLabs.

In many ways it has been a regular week: a large number of the usual malware variants, spammers up to their usual tricks and a constant stream of new compromised websites.

Last night’s “Pirates of the Caribbean” attack shows how organised and opportunistic malware authors are. Timing the spamming out of the Trojan with the release of the film, although not a great inspiration, does highlight the professional approach authors are taking.

BadBunny is at the opposite end of the scale, a completely pointless proof of concept that had no real possibility of seriously affecting anyone, whilst Gatina-B highlights how malware is targeted and regional.

In the world of spam, we’ve been seeing quite a lot of abuse of image hosting sites. The technique is similar to the previous abuse of free hosting sites like Geocities, but in this case, an image is posted and the link included in the spam. Campaigns are stock pump-and-dump scams along the lines of the ‘normal’ German image spam that became so popular earlier this year. We’ll be going into more detail on this particular technique in the days to come.

With the weekend coming up and public holidays in many countries, it will be interesting to see what happens. The past has shown that it will be either very quiet as the hackers take time out, or busy with many new campaigns. My bet is on the latter, I’m afraid. Either way, we’ll have analysts on duty in the labs around the globe to deal with what does (or doesn’t) happen.