New “Piggyback” Spam Circulating Worldwide

Written by Sue Walsh on January 23, 2009

Security experts have issued warnings about a new type of spam hitting inboxes across the globe. Called “piggyback spam”, it looks like the typical spam message hawking things like shady pharmacies, fake watches, loans, etc., but rather than links to websites where the products can be ordered, these spams are full of links to malicious files that have nothing to do with what the message is about. If a recipient clicks on any of them, a file download dialog box opens. If the recipient foolishly continues with the download, a variety of malware, including a keylogger and a Trojan that takes over the machine and adds it to a botnet, is installed on their PC.

Experts believe this new type of spam is being used by cybercriminals as a way to increase their botnets.

Botnets are getting more and more sophisticated. In addition to sending out huge amounts of spam and hitting websites with DDoS attacks, botnets can tell if the machines they take over are already part of a rival botnet and take them out of it, and can even find and disable anti-virus software. New ones are popping up regularly, and even the shutdown of botnet haven McColo has done nothing to slow them down. It did knock out 3 of the largest, Mega-D, Srizbi, and Rustock, but it only took a couple of weeks for them to reappear from their new base somewhere in Estonia.
