Feeds

Spam levels bounce back after botnet takedown

Even botnets have backup now

Beginner's guide to SSL certificates

Spam levels are returning to normal following the recent takedown of crime-friendly ISP 3FN, which temporarily interrupted the operation of a significant spam spewing botnet.

Junk mail volumes dropped 30 per cent after the Federal Trade Commission forced the closure of 3FN in early June, according to Google. Google's latest quarterly spam trends report records a 14 per cent rise in junk mail volumes from the 3FN takedown low by the end of June.

Stats from Postini, the online spam and virus filtering service acquired by Google, reveal that average spam levels in the second quarter of 2009 were 53 per cent higher than in the first quarter and six per cent higher than in the same period of 2008.

The latest figures from security services firm MessageLabs, which is now a part of Symantec, tell a slightly different story. It reckons that the Cutwail botnet experienced a short period of downtime following the shutdown of California-based 3FN ISP (AKA Pricewert LLC and APS Telecom) on 5 June.

However, for the month of June as a whole, spam level were unchanged at around 90.4 per cent of overall mail volumes, after MessageLabs' first level filters threw out email from known bad sources.

Cutwail, one of the largest and most active botnets, was quickly back blitzing email inboxes with useless junk, in sharp contrast to the disruption to the spam economy created by a similar takedown last year, MessagLabs reports.

"Cutwail’s recovery to one-third of its original levels, after only a few hours, highlights the progress spammers have made since the McColo shutdown in November," said Paul Wood, MessageLabs Intelligence senior analyst at Symantec. "Spammers have learned the importance of having a backup for command and control channels."

MessageLabs reports that spam from botnets accounted for the vast majority (83.2 per cent) of all junk mail in June, with the remainder spewing out from compromised mail servers and webmail accounts. Image spam accounted for eight to ten per cent of all junk mail last month, it adds. ®

Choosing a cloud hosting partner with confidence

More from The Register

next story
SMASH the Bash bug! Apple and Red Hat scramble for patch batches
'Applying multiple security updates is extremely difficult'
Apple's new iPhone 6 vulnerable to last year's TouchID fingerprint hack
But unsophisticated thieves need not attempt this trick
Hackers thrash Bash Shellshock bug: World races to cover hole
Update your gear now to avoid early attacks hitting the web
Oracle SHELLSHOCKER - data titan lists unpatchables
Database kingpin lists 32 products that can't be patched (yet) as GNU fixes second vuln
Who.is does the Harlem Shake
Blame it on LOLing XSS terroristas
Researchers tell black hats: 'YOU'RE SOOO PREDICTABLE'
Want to register that domain? We're way ahead of you.
Stunned by Shellshock Bash bug? Patch all you can – or be punished
UK data watchdog rolls up its sleeves, polishes truncheon
Ello? ello? ello?: Facebook challenger in DDoS KNOCKOUT
Gets back up again after half an hour though
prev story

Whitepapers

Providing a secure and efficient Helpdesk
A single remote control platform for user support is be key to providing an efficient helpdesk. Retain full control over the way in which screen and keystroke data is transmitted.
Intelligent flash storage arrays
Tegile Intelligent Storage Arrays with IntelliFlash helps IT boost storage utilization and effciency while delivering unmatched storage savings and performance.
Beginner's guide to SSL certificates
De-mystify the technology involved and give you the information you need to make the best decision when considering your online security options.
Security for virtualized datacentres
Legacy security solutions are inefficient due to the architectural differences between physical and virtual environments.
Secure remote control for conventional and virtual desktops
Balancing user privacy and privileged access, in accordance with compliance frameworks and legislation. Evaluating any potential remote control choice.