Feeds

Spam levels bounce back after botnet takedown

Even botnets have backup now

High performance access to file storage

Spam levels are returning to normal following the recent takedown of crime-friendly ISP 3FN, which temporarily interrupted the operation of a significant spam spewing botnet.

Junk mail volumes dropped 30 per cent after the Federal Trade Commission forced the closure of 3FN in early June, according to Google. Google's latest quarterly spam trends report records a 14 per cent rise in junk mail volumes from the 3FN takedown low by the end of June.

Stats from Postini, the online spam and virus filtering service acquired by Google, reveal that average spam levels in the second quarter of 2009 were 53 per cent higher than in the first quarter and six per cent higher than in the same period of 2008.

The latest figures from security services firm MessageLabs, which is now a part of Symantec, tell a slightly different story. It reckons that the Cutwail botnet experienced a short period of downtime following the shutdown of California-based 3FN ISP (AKA Pricewert LLC and APS Telecom) on 5 June.

However, for the month of June as a whole, spam level were unchanged at around 90.4 per cent of overall mail volumes, after MessageLabs' first level filters threw out email from known bad sources.

Cutwail, one of the largest and most active botnets, was quickly back blitzing email inboxes with useless junk, in sharp contrast to the disruption to the spam economy created by a similar takedown last year, MessagLabs reports.

"Cutwail’s recovery to one-third of its original levels, after only a few hours, highlights the progress spammers have made since the McColo shutdown in November," said Paul Wood, MessageLabs Intelligence senior analyst at Symantec. "Spammers have learned the importance of having a backup for command and control channels."

MessageLabs reports that spam from botnets accounted for the vast majority (83.2 per cent) of all junk mail in June, with the remainder spewing out from compromised mail servers and webmail accounts. Image spam accounted for eight to ten per cent of all junk mail last month, it adds. ®

High performance access to file storage

More from The Register

next story
Obama allows NSA to exploit 0-days: report
If the spooks say they need it, they get it
OpenSSL Heartbleed: Bloody nose for open-source bleeding hearts
Bloke behind the cockup says not enough people are helping crucial crypto project
Web data BLEEDOUT: Users to feel the pain as Heartbleed bug revealed
Vendors and ISPs have work to do updating firmware - if it's possible to fix this
One year on: diplomatic fail as Chinese APT gangs get back to work
Mandiant says past 12 months shows Beijing won't call off its hackers
Call of Duty 'fragged using OpenSSL's Heartbleed exploit'
So it begins ... or maybe not, says one analyst
Heartbleed exploit, inoculation, both released
File under 'this is going to hurt you more than it hurts me'
Experian subsidiary faces MEGA-PROBE for 'selling consumer data to fraudster'
US attorneys general roll up sleeves, snap on gloves
Bad PUPPY: Undead Windows XP deposits fresh scamware on lawn
Installing random interwebs shiz will bork your zombie box
prev story

Whitepapers

Mainstay ROI - Does application security pay?
In this whitepaper learn how you and your enterprise might benefit from better software security.
Five 3D headsets to be won!
We were so impressed by the Durovis Dive headset we’ve asked the company to give some away to Reg readers.
3 Big data security analytics techniques
Applying these Big Data security analytics techniques can help you make your business safer by detecting attacks early, before significant damage is done.
The benefits of software based PBX
Why you should break free from your proprietary PBX and how to leverage your existing server hardware.
Mobile application security study
Download this report to see the alarming realities regarding the sheer number of applications vulnerable to attack, as well as the most common and easily addressable vulnerability errors.