Feeds

DDoS attacks fall as crackers turn to spam

Baron Samedi and chums redeploy zombie armies

Remote control for virtualized desktops

Denial of service attacks are falling out of favour with black hat hackers because using compromised machines to send spam is a more lucrative - and less risky - way of making money illicitly.

Networks of compromised PCs can be used for purposes including relaying junk mail or flooding targeted websites with spurious traffic.

Symantec reckons the noticeable fall in denial of service attacks it witnessed in the second half of 2006 is down to the growing difficulty in launching such attacks, and getting victims to pay up even if these assaults are successful. Stealthier misuse of compromised PCs - such as sending spam - poses far less risk, the security firm argues.

Symantec recorded an average of 5,213 denial of service (DoS) attacks per day in the second half of 2006, down from 6,110 in the first half of last year. The US was the target of most DoS attacks accounting for 52 per cent of the worldwide total.

"DoS attacks are loud and risky. Whenever a bot-network owner carries out a denial of service attack they run the risk of losing some of their bots. This could happen either because an attacking computer is identified and disinfected, or if it is simply blocked by its ISP from accessing the network," Symantec researcher Yazan Gable notes in a posting to Symantec's Security Response Weblog.

Gable adds that the "up-front" costs in setting up a botnet before any hope of payment, as well as the possible loss of an entire bot network if a command and control server is identified, also act as a deterrent.

"It is likely that bot network owners are now moving away from DoS extortion and towards more lucrative ventures like spam. Not surprisingly, we saw a noted increase in spam volumes in the last six months of 2006," he added. ®

Remote control for virtualized desktops

More from The Register

next story
'Regin': The 'New Stuxnet' spook-grade SOFTWARE WEAPON described
'A degree of technical competence rarely seen'
You really need to do some tech support for Aunty Agnes
Free anti-virus software, expires, stops updating and p0wns the world
You stupid BRICK! PCs running Avast AV can't handle Windows fixes
Fix issued, fingers pointed, forums in flames
Regin: The super-spyware the security industry has been silent about
NSA fingered as likely source of complex malware family
Privacy bods offer GOV SPY VICTIMS a FREE SPYWARE SNIFFER
Looks for gov malware that evades most antivirus
Patch NOW! Microsoft slings emergency bug fix at Windows admins
Vulnerability promotes lusers to domain overlords ... oops
HACKERS can DELETE SURVEILLANCE DVRS remotely – report
Hikvision devices wide open to hacking, claim securobods
prev story

Whitepapers

Why cloud backup?
Combining the latest advancements in disk-based backup with secure, integrated, cloud technologies offer organizations fast and assured recovery of their critical enterprise data.
Getting started with customer-focused identity management
Learn why identity is a fundamental requirement to digital growth, and how without it there is no way to identify and engage customers in a meaningful way.
10 threats to successful enterprise endpoint backup
10 threats to a successful backup including issues with BYOD, slow backups and ineffective security.
High Performance for All
While HPC is not new, it has traditionally been seen as a specialist area – is it now geared up to meet more mainstream requirements?
Beginner's guide to SSL certificates
De-mystify the technology involved and give you the information you need to make the best decision when considering your online security options.