Chinese pharamcy spam could be legitimate in origin: McAfee

Oversupply of drugs in the Chinese market the likely culprit, however, Chinese spam responsible for up to 65 per cent of global email volumes

Increases in spam which offers cheap Chinese medicine need not necessarily be a cause for alarm, according to a new report from McAfee.

In its September 2009 <i>Key Spam Trends</i> report, the security company said that the up-tick in this form of spam appeared to be a legitimate reaction to Chinese overproduction of prescription drugs and the need to sell them cheaply to customers outside the country.

Although the number of messages pose real issues — constituting between 60 and 65 per cent of today’s global email volumes — it was inaccurate to view the Chinese pharmacy spam phenomenon as the result of purposeful malicious behaviour by the Chinese government or a single corporation, according to the report.

“Rather, it appears to be the result of a need to export the results of excessive overproduction to a global population that has tightened its purse strings against unnecessary spending,” it reads.

Based on observations of pharmacy spam over the past few months, however, the company concluded there was no end in sight for the high volumes of Chinese spam.

“If excess industrial chemical production in China cannot be dumped on the legal market, then it will continue to find a black market,” the report said. “The need for that black market is too strong to be shut down by international law enforcement.

“On the other hand, there may be a peak to pharmaceutical spam in which the quest for profitability and maintainability eventually balances with the growth rate of the drugs market and reduces the danger of long-term overproduction. This may also result in an overabundance of idle botnet nodes and, as we all know, an idle botnet is the devil’s plaything.”

The report also examined the August 6 distributed denial of service (DDoS) and low-volume spam attack on Twitter\CIO :: Twitter and CIO :: Facebook, aimed at silencing or spotlighting a pro-Georgian blogger who went under the nickname 'cyxymu'.

“The latter seemed primarily to publicly highlight, perhaps to the blogger himself, the target of the attack,” the report reads. “The spam itself was not responsible for the downfall of Twitter, either as mail target or as a click generator. However, a few aspects of the email suggest that the spam was merely an afterthought, or at least not the primary focus of the attacker.

“Whether that attacker was state-sponsored (as many have speculated, though usually without evidence), a self-motivated political hacktivist, or even cyxymu himself, the spam did a good job of bringing cyxymu’s opinions to light. Amateurish inconsistencies in the header data (a BCC header field), lack of creativity in the contents, and the low volume of email are part of the distinctive character seen in this campaign.

Join the CSO newsletter!

Error: Please check your email address.

Tags spammcafeesecurityddosChinatwitterFacebook

More about FacebookMcAfee Australia

Show Comments

Featured Whitepapers

Editor's Recommendations

Solution Centres

Stories by Tim Lohman

Latest Videos

More videos

Blog Posts