Cyberoam announced that a new email-borne malware threat has emerged, where messages claim to be from a private detective hired to monitor the email recipient. According to Cyberoam partner Commtouch, the outbreak was first identified on Saturday, November 17th and sample subject lines include, "I'm monitoring you"; "You’re being watched"; "Your phone is monitored"; and, "The tape of your conversation".
The malware distributors have attached a "recording" of the recipient's phone call in an effort to convince the recipient of their surveillance capabilities, which is actually an executable .scr malware file. The attachment names are numerical variations on "call1105-10.rar." and are password-protected, compressed files. The malware inside the attachment is activated when the recipient opens the file with the password provided in the body of the email.
"These techniques indicate the malware author's ability to successfully launch new variants of malware on the Internet, which is why signature-less protection against these types of attacks is critical," said Joshua Block, VP of North American Operations, Cyberoam. "Traditional signature-based protection methods are unable to provide zero-hour protection. Cyberoam’s unique identity-based UTM appliances provide organizations of all sizes with a proactive virus detection technology that protects against spam and new email-borne virus outbreaks hours before signatures are released and updated in signature-based solutions."
Commtouch research shows that global spam levels recently reached an all-time high of 95 percent, increasing a spammer or virus author’s ability to launch a successful attack. To help combat this, Cyberoam’s fully integrated gateway antivirus and anti-spam engines provide reliable web and e-mail security at the gateway for enterprises.