Image spam surge powered by Russian bot-net
Monday, November 27th, 2006
Reports on eWeek.com and on SearchSecurity.com claim that a highly sophisticated Russian bot-net is pumping out the current surge in image spam.
According to a senior security researcher at SecureWorks, the bot-netters grew their 70,000-strong zombie network with the SpamThru trojan, an innovative piece of malware that not only packs its own pirated version of Kaspersky Anti-Virus to eradicate any competing malware from infected computers, but also uses a list of proxy servers to evade blacklisting by anti-spam agencies.
The researcher also claims to have uncovered evidence that the spammers harvested lists of email addresses from financial institutions:
“It also appears the spammer made an effort to obtain more targeted lists of email addresses by hacking into smaller investment news Web sites and other e-businesses and downloading their user databases,” he said. “This is likely due to the fact that pump-and-dump stock spam seems to be a primary motive of the botnet.”
Mail.app users can get some level of protection by creating a rule to filter some of these image spams out.
David Reitter takes a slightly different approach with a different rule.
Fastmail users (and others with tweakable server-side spam protection) may get some extra relief from this tip on EmailDiscussions.com which creates a more sophisticated rule.
[Via Daring Fireball]

