Snowshoe Spam is on the Rise – What can be done about it?

In our 2014 Threat Report, we noted that snowshoe spam was gaining popularity amongst spammers using new techniques to evade detection and sneak through loopholes in anti-spam laws. Over the last several months, we’ve noticed the volume of snowshoe spam continuing to build at a tremendous pace.

Snowshoe spam is essentially unsolicited bulk email. And it’s been effective because, like a snowshoe, it spreads the load across a large area. In this case, it distributes spam across a huge range of IP addresses, many of which are used briefly and only once, sending out massive volumes of spam in very short bursts. The temporary aspect of these campaigns has also given rise to the term ‘hit-and-run’ spam. Naturally, this technique makes it challenging for filters to determine spam based on reputation.


Sophos Warbiking exposes Wi-Fi hotspot dangers in San Diego

We took our Warbiking tour to San Diego to raise awareness about wireless security, and we discovered that people in this high-tech city are connecting to thousands of unprotected wireless networks.

San Diego is a very technology-focused place, with lots of people connecting their mobiles and laptops to Wi-Fi hotspots around the city. And much like other cities we’ve visited such as New York and London, people may be unaware of the worrisome lack of security on many of these hotspots.

Chester Wisniewski, Sophos Senior Security Advisor, toured the city on his specially-equipped bike, picking up the signals of 8,048 Wi-Fi networks, to find out what kind of security they were using.


It’s Kill a Zombie Day, so clean up malware and help stop cybercrime!

If you want to help stop cybercrime and protect yourself from malware threats at the same time, today is a perfect day to do it: Kill a Zombie Day.*

We’re not talking about the kind of zombie you see in cult movies like Dawn of the Dead. No, these zombies are malicious programs that take control of your computer and turn it into an undead walker in the army of a cybercriminal.

The first step in killing a zombie is finding out if your computer is infected with malware or viruses. You can do that by downloading our free Virus Removal Tool and running it.

The tool will automatically grab the latest virus detection identities from Sophos and scan your computer’s memory and hard disk for malware. If you do find any zombies, the Virus Removal Tool will clean them up for you, too.


The Rotten Tomato Campaign: New SophosLabs research on APTs

An advanced persistent threat (APT) malware campaign seen in August and September 2014 is the subject of new research by one of our threat analysts at SophosLabs.

Sophos is calling this malware campaign “Rotten Tomato,” in reference to the Tomato Garden campaign, and because some of the samples were rotten in the sense that they were not effectively executed.

In a new technical paper on the threat, Principal Threat Researcher Gabor Szappanos, of SophosLabs Hungary, takes an interesting dive into the world of the attackers, examines the malware used by cybercriminals in these attacks, and shows how several different groups used the same zero-day Microsoft Word exploit.


SophosLabs at VB2014: How cunning malware fights analysis by security researchers

Malware is constantly getting smarter and harder to detect. Now malware authors are developing new techniques to avoid not just antivirus, but the environments used by security researchers to analyze malware samples, according to new research from SophosLabs.

James Wyke, Senior Threat Researcher with SophosLabs UK, will be presenting his research on these techniques at the Virus Bulletin 2014 conference in Seattle, running 24-26 September.

In a preview of his presentation, James writes at Naked Security that his paper explores several malware families and a variety of techniques used to throw researchers off the trail.


Sophos on ABC World News: Free Wi-Fi networks have security risks (Video)

Wireless networks are everywhere, but they aren’t always secure. In New York City, where millions of people connect to free but insecure Wi-Fi hotspots every day, it’s the same story.

Chester Wisniewski, Sophos senior security adviser, explains just how easy it would be for hackers to take advantage of unsuspecting people, in a segment that appeared Monday night on ABC World News.

Watch the video below or on the ABC World News website to see the full interview with Chet.


Spam-Bot Invaders: Which countries send the most spam? (Infographic)

Recently we measured spam volume from around the world to find out which countries are the worst spam offenders. As we expected, the United States sends out way more spam than any other country – 24.2% of all spam was from the U.S.

When you consider the country’s huge online population, it’s not surprising that the U.S. sends so much spam. Spam comes from “bots” – computers infected with malware and under the control of a criminal. “Bot masters” can use servers anywhere in the world to give the bots instructions. So spam-bots in the countries on our list aren’t the authors of the spam; they are more like the messengers.

While it’s interesting to call out the 12 “dirty dozen” countries that send the most spam by volume, we also like to look at the amount of spam by population. It’s a diverse list of nations, and even small countries have a big spam problem.
