The spammers have returned with a vengeance as malicious spam hit "epic" levels in August, according to security experts.
M86 Security said it saw a "huge surge" in malicious spam which has far exceeded anything it has seen in the past two years.
The majority of the spam was put out by the notorious Cutwail botnet, with the Festi and Asprox botnets showing themselves to be significant contributors too.
Last week, 13 per cent of the overall spam volume consisted of malicious spam, marking an "unusual" jump, according to M86. On Monday, that proportion increased to 24 per cent.
"Four of the campaigns, which we identified as originating from the Cutwail botnet are mostly recycled spam themes Fedex, credit card, changelogs and invoices," M86 explained in a blog post.
"The malware is attached within a compressed ZIP archive and is a Trojan that downloads additional malware including Fake AV, SpyEye and the Cutwail spambot itself."
Spammers used typical tricks, such as telling users there credit card had been blocked, promising more information in an attached file. Anyone opening the attachment would risk infecting their machines.
It seems spammers have returned from a holiday break and are enthusiastically back to work.
Other spam offered rebates on purported accidental charges from hotels, as well as messages appearing to confirm UPS deliveries.
"This is an epic amount of malicious spam. After multiple recent botnet takedowns, cyber criminal groups remain resilient, clearly looking to build their botnets and distribute more fake AV in the process," M86 added.
"It seems spammers have returned from a holiday break and are enthusiastically back to work."
Spam had seen a significant drop earlier this year, largely thanks to a Microsoft-led operation taking on the Rustock super spammer botnet.
-
Tired of legal AI tools that overpromise but underdeliver? The secret to success is in your firm’s dataSponsored Don't let legal AI tools overpromise and underdeliver: the secret to success isn't the software, but building a secure, stable, and connected data foundation that transforms your firm's complex, siloed information into structured knowledge.
-
Cisco wants to take AI closer to the edgeNews The new “integrated computing platform” from Cisco aims to support AI workloads at the edge
-
Seized database helps Europol snare botnet customers in ‘Operation Endgame’ follow-up stingNews Europol has detained several people believed to be involved in a botnet operation as part of a follow-up to a major takedown last year.
-
Horabot campaign targeted businesses for more than two years before finally being discoveredNews The newly-discovered Horabot botnet has attacked companies in the accounting, investment, and construction sectors in particular
-
Brand-new Emotet campaign socially engineers its way from detectionNews This latest resurgence follows a three-month hiatus and tricks users into re-enabling dangerous VBA macros
-
Microsoft says “it’s just too difficult” to effectively disrupt ransomwareNews The company details its new approach to combatting cyber crime as the underground industry drains $6 trillion from the global economy
-
Beating the bad bots: Six ways to identify and block spam trafficIn-depth Not all traffic is good. Learn how to prevent bad bots from overrunning your website
-
Ukraine's vigilante IT army now has a DDoS bot to automate attacks against RussiaNews The 270,000-strong IT Army of Ukraine will now combine supporters' cloud infrastructure to strengthen the daily attacks against their invaders
-
Microsoft's secure VBA macro rules already being bypassed by hackersNews Recent analysis of Emotet activity has revealed a shift away from malicious Office documents to drop malware
-
Emotet infrastructure has almost doubled since resurgence was confirmed
News Researchers confirm the infrastructure has also been upgraded for a "better secured", more resilient operation
