Spambot infected more than 10,000 service providers in three days, M86 study says
The botnet Asprox, long known for its spamming capabilities, resurged last month, according to a new first-half lab report by M86 Security.
Asprox, which also uses SQL injection techniques to infect vulnerable application service provider (ASP) sites on a large scale, showed a large spike in activity in June, infecting more than 10,000 ASPs in a three-day period, M86 says. The bot downloads instructions, which include target ASP websites, and then performs an SQL injection attack that attempts to poison data in the underlying SQL database serving the site.
Interestingly, the botnet used a simple Google search to seek out additional vulnerable ASP sites, M86 says.
Asprox is typical of the new breed of combined attacks that grew significantly in the first half of 2010, according to the report, which outlines a number of trends in spam and malware.
"Traditional methods [of attack], such as spambots and dynamic code obfuscation, are still very much in use," said Bradley Anstis, vice president of technology strategy at M86 Security. "However, the first half of 2010 has also seen the emergence of new, advanced methods -- as seen in the new combined attacks. Cybercriminals continue to try and outsmart even the latest Internet security protection mechanisms."
Have a comment on this story? Please click "Discuss" below. If you'd like to contact Dark Reading's editors directly, send us a message.
About the Author(s)
You May Also Like
The fuel in the new AI race: Data
April 23, 2024Securing Code in the Age of AI
April 24, 2024Beyond Spam Filters and Firewalls: Preventing Business Email Compromises in the Modern Enterprise
April 30, 2024Key Findings from the State of AppSec Report 2024
May 7, 2024Is AI Identifying Threats to Your Network?
May 14, 2024
Black Hat USA - August 3-8 - Learn More
August 3, 2024Cybersecurity's Hottest New Technologies: What You Need To Know
March 21, 2024