New Malicious Spam Exploits Craigslist

A new malicious spam attack is exploiting the popular site Craigslist. The messages arrive with the subject line “Re: Car For Sale on Craigslist” and with a message that look like a reply to an inquiry about a car for sale on the site. A link within it claims to direct the recipient to photos of the vehicle on Picasa. The link instead leads to a malicious site that downloads a Trojan on to the visitor’s computer.

It’s not yet known who’s responsible for this latest wave of malicious spam, but experts are warning people to be very cautious. Only 13 out of 41 virus scanners caught the virus, meaning that having an up to date virus program may not be enough to protect you. Obviously if you or your company hasn’t inquired about a car for sale on Craigslist you should immediately delete any such messages.

This is only one of several new viruses discovered recently, including one that targets AutoCAD software, and experts say the amount of malware found on the net is only going to rise.

          “Criminals see a better bottom line with more files,” security researcher Sean-Paul Correll said, adding that there are more viruses because the malware writers have automated the creation of virus variants. They are releasing polymorphic engines to distribute a massive number of unique samples… They hope to subvert antivirus lab technology by releasing a large number of samples.”

This has led some virus researchers to proclaim that virus signatures, which are currently the best way to classify threats, will soon be useless. If that happens researchers will have to come up with new ways to find and fight threats.