New malware threat 'piggybacks' on regular spam

Security provider Marshal has identified a new type of spam, labeling it 'Piggyback spam'.

Security provider Marshal has identified a new type of spam, labeling it 'Piggyback spam'.

This new spam contains typical product advertising messages accompanied by a link to a malicious executable file within the message.

Users who click the link are prompted to download the file, which, if executed, will lead to further malware such as keylogging programs or spambot software being installed onto their PCs.

"In the past, we have seen spam containing embedded links which pull down malicious files. These messages are specifically designed to trick end users into downloading and executing a file," explained Bradley Anstis, director of product management at Marshal.

"What is unusual with Piggyback spam is the link to the malicious file is unrelated to the spam content. Rather, the links are inserted in odd places and essentially hitch a ride or 'piggyback' on otherwise normal spam messages.

"It appears the spammers' motives are twofold: the first is to send out a spam advertising message, the second is to distribute malware. Our experts believe that Piggyback spam may be an opportunistic attempt by botnet operators to increase the size of their spam botnets," said Anstis.

Botnet syndicates sell time on their bots to spammers - like service providers. The size of a botnet and the amount of spam they are capable of shifting relates directly to their bottom line.

Read more on Security policy and user awareness