The 2007 rise of Storm was a harbinger – this new kind of social malware is continuing to grow and increase in sophistication. New, widespread malware botnets which share characteristics with Storm include Srizbi, Bobax and Kraken/Kracken. IronPort is tracking these botnets and implementing protective measures against their infection mechanisms. In addition, IronPort monitors and identifies new threats designed to exploit software vulnerabilities (such as those found in application like Adobe Flash Player), as well as website redirects, Google exploits, and spam attacks that take advantage of “Out of Office” autoreplies to validate email addresses and even hijack corporate mail servers.
For most of the last thirty years, spam has been an annoyance, created by individual amateurs. Those days are over. As Storm shows, today’s extremely organized, technically savvy, well funded malware efforts are comparable in scale to legitimate software vendors. Talented engineering teams have now moved to the dark side, and are a threat to every organizational network and individual with an email account and Web browser. (link)