Select Page

Cyren Security Blog

CYREN Notes Botnet Expansion: Increase in Malware Distribution Correlates with Decrease in Spam—Companies Urged to Remain Alert to Malware Detection and Mitigation

In recent weeks, CYREN has noted a dramatic increase in the number of active malware-sending bots, which appears to correlate with a slowdown in spam-sending bots. Periodically throughout the year, CYREN analysts see these types of fluctuations. Reasons vary, although CYREN analysts suspect that botnet owners are “repurposing”, with the primary objective to expand the botnet; malware is increasing and the reduction in spam volume comes from the cybercriminal’s desire to expand and “groom” the botnet. By using the bots to send out malware (instead of spam), the cybercriminal is able to “recruit” new bots and further mature the botnet. Once the botnet has been suitably developed it can be repurposed to start sending out spam again.

The graph below illustrates the correlation between spam-sending and malware-sending bots. Each line (red=spam and blue=malware) represents two different data sets that have been overlaid. While malware volume (in total numbers) never actually rises above the volume of spam at any point in the timeline, by correlating the two data sets the peaks and valleys of botnet cybercrime become clearer.

tl_files/assets_cyren/images/blog/20141113_blog.png

CYREN is urging companies to stay vigilant as it is very likely that new large-scale malware attacks will increase in the coming weeks, as exemplified in our post of 5 November UPDATE: CYREN Continues to Analyze Significant Malware Attack.

If there is one reason to have good zero-hour protection, times like this are it. To learn more about virus outbreak detection technology, visit CYREN Virus Outbreak Detection.

You might also like

Square Enix Phishing Campaign

From July 20 until August 16, 2021, Cyren observed a significant increase in the number of Square Enix phishing URLs. The campaign coincided with 14 days of free play announced by Square Enix on July 12, 2021. During this period, we detected a total of 47,076 URLs for...