A new spam campaign is exploiting several mobile phone companies to target users in Australia and Germany. The messages pretend to be MMS messages from popular carriers Telstra and Vodafone, and ask recipients to open the included attachment to read them.
If the recipients open the attachments, malware is installed, and when it’s installed it connects to a remote server and downloads even more malware. The malware takes over the computer, steals personal information, and most likely connects the infected computer to a botnet so it can pump out more malicious spam, and it’s specially configured and encrypted to avoid detection.
While right now the malware being distributed by this campaign is hard for anti-virus programs to pick up, I don’t see it being widely successful. Most people know if you get an MMS message it will show up on your phone just like a text message, not be emailed to you in an attachment. I have to say the chances of people falling for this one are low. It’s definitely imaginative though and not something seen before.
Malicious spam rose in popularity this year and it doesn’t look like that trend is going to change anytime soon. Spammers, perhaps due to the numerous botnet shutdowns of late, seem almost desperate to acquire new zombies. This may also be due to the fact that spammers have begun seeing the value in quantity over size and have started cultivating groups of small botnets rather than creating one huge one. Having small groups of botnets makes detection more difficult and recovery after shutdowns a lot easier.
What do you think of this campaign? Is it silly or ingenious?