Feeds

Spam levels bounce back after botnet takedown

Even botnets have backup now

SANS - Survey on application security programs

Spam levels are returning to normal following the recent takedown of crime-friendly ISP 3FN, which temporarily interrupted the operation of a significant spam spewing botnet.

Junk mail volumes dropped 30 per cent after the Federal Trade Commission forced the closure of 3FN in early June, according to Google. Google's latest quarterly spam trends report records a 14 per cent rise in junk mail volumes from the 3FN takedown low by the end of June.

Stats from Postini, the online spam and virus filtering service acquired by Google, reveal that average spam levels in the second quarter of 2009 were 53 per cent higher than in the first quarter and six per cent higher than in the same period of 2008.

The latest figures from security services firm MessageLabs, which is now a part of Symantec, tell a slightly different story. It reckons that the Cutwail botnet experienced a short period of downtime following the shutdown of California-based 3FN ISP (AKA Pricewert LLC and APS Telecom) on 5 June.

However, for the month of June as a whole, spam level were unchanged at around 90.4 per cent of overall mail volumes, after MessageLabs' first level filters threw out email from known bad sources.

Cutwail, one of the largest and most active botnets, was quickly back blitzing email inboxes with useless junk, in sharp contrast to the disruption to the spam economy created by a similar takedown last year, MessagLabs reports.

"Cutwail’s recovery to one-third of its original levels, after only a few hours, highlights the progress spammers have made since the McColo shutdown in November," said Paul Wood, MessageLabs Intelligence senior analyst at Symantec. "Spammers have learned the importance of having a backup for command and control channels."

MessageLabs reports that spam from botnets accounted for the vast majority (83.2 per cent) of all junk mail in June, with the remainder spewing out from compromised mail servers and webmail accounts. Image spam accounted for eight to ten per cent of all junk mail last month, it adds. ®

High performance access to file storage

More from The Register

next story
Obama allows NSA to exploit 0-days: report
If the spooks say they need it, they get it
Putin tells Snowden: Russia conducts no US-style mass surveillance
Gov't is too broke for that, Russian prez says
Snowden-inspired crypto-email service Lavaboom launches
German service pays tribute to Lavabit
Mounties always get their man: Heartbleed 'hacker', 19, CUFFED
Canadian teen accused of raiding tax computers using OpenSSL bug
One year on: diplomatic fail as Chinese APT gangs get back to work
Mandiant says past 12 months shows Beijing won't call off its hackers
Heartbleed exploit, inoculation, both released
File under 'this is going to hurt you more than it hurts me'
Arts and crafts store Michaels says 3 million credit cards exposed in breach
Meanwhile, Target investigators prepare for long process in nabbing hackers
prev story

Whitepapers

SANS - Survey on application security programs
In this whitepaper learn about the state of application security programs and practices of 488 surveyed respondents, and discover how mature and effective these programs are.
Combat fraud and increase customer satisfaction
Based on their experience using HP ArcSight Enterprise Security Manager for IT security operations, Finansbank moved to HP ArcSight ESM for fraud management.
The benefits of software based PBX
Why you should break free from your proprietary PBX and how to leverage your existing server hardware.
Top three mobile application threats
Learn about three of the top mobile application security threats facing businesses today and recommendations on how to mitigate the risk.
3 Big data security analytics techniques
Applying these Big Data security analytics techniques can help you make your business safer by detecting attacks early, before significant damage is done.