It makes the computer become a platform to send spam messages massively and attempts to redirect the traffic to certain Internet sites. It spreads via email messages and instant messaging programs.

It sends spam messages advertising pharmaceutical products and which contain a link to a website where these products can be purchased. It does not spread automatically using its own means.

Today our lab has detected a flood of spam messages that contain a malicious link from which malware is downloaded. We’ve seen more than 8,000 in a few hours. These emails have the following subjects: Fw: FW: Re: RE:FW: Re:Fw: RE: The content of these messages is just a link to a website. The following are some examples: http://anonymfiles.reda.co.kr/archive0714/?id=email@domain.com http://archivedv.kr/archive0714/?id=email@domain.com http://filearchredb.or.kr/archive0714/?id=email@domain.com http://files.reco.kr/archive0714/?id=email@domain.com http://files4friends1e3eq.co.uk/archive0714/?id=email@domain.com http://incognireda.ne.kr/archive0714/?id=email@domain.com http://postcayrxc.kr/archive0714/?id=email@domain.com http://secretarcredn.kr/archive0714/?id=email@domain.com http://secretfiyrxo.co.kr/archive0714/?id=email@domain.com http://sendspyrxs.co.kr/archive0714/?id=email@domain.com If ...

Many Twitter users still haven't got over this weekend's BZPharma LOL phishing attack, and now a new campaign is being spammed out from compromised accounts directing users to a site selling herbal viagra to improve sexual performance.

A typical spam message reads:

Get bigger and have sex longer. go here http://example.com/?rid=http://callbling.com

where 'example.com' can vary.

Clicking on the link redirects users to a website called callbling.com. It doesn't take a rocket scientist to work out what they're trying to sell to you..

I'm afraid that the only thing which might get bigger is the spammers' bank accounts.

My suspicion is that the accounts sending out the spam message will include many of the sites that were compromised in the earlier BZPharma LOL phishing attack which has been such a big problem on Twitter over the weekend.

As before, the spam messages aren't just being sent via direct message (DM). They are also appearing on public profiles, possibly because of third party services such as GroupTweet automatically republishing DMs.

If you see any unusual messages being posted from your Twitter account, please please change your password as soon as possible.

Notable highlights this month include the continuing shift of the region of message origin to APJ and South America, and changes in the average size of spam messages.