Feeds

Undead botnets blamed for big rise in email malware

Grave concern over reanimated cyber-corpses

Choosing a cloud hosting partner with confidence

Malicious spam volumes increased dramatically in the back half of 2009, reaching three billion messages per day, compared to 600 million messages per day in the first half of 2009. But this is still a tiny fraction of the estimated global spam volume, thought to be about 200 billion messages per day.

A new report by net security firm M86 Security points the finger of blame for the torrent of malware, phishing and other scams (collectively defined as malicious spam) and junk mail more generally towards botnet networks of compromised machines. It reckons five botnets were responsible for 78 per cent of the malicious spam it fought in the second half of 2009.

M86 reports that the major spam botnets such as Rustock, Pushdo (or Cutwail) and Mega-D continue to dominate spam output, supported by second-tier botnets such as Grum, and Lethic. Rustock alone pushed out 34 per cent of spam in 2H09. Pushdo zombie drones puked out one in five spam messages (20 per cent), with Mega-D zombies account for 9 per cent of the global junk mail nuisance.

Just like Mega-D before it, the Lethic botnet has returned from the grave since it was decapitated by the combined efforts of security firms and ISPs in early January, a sign that criminal hackers are building more resilient systems with better "disaster recovery" features.

"The spamming botnets are constantly in flux, waxing and waning, morphing, becoming obsolete, being replaced, taken down, and upgraded," M86 explains. "It is important to identify the major contributors to the volume of spam, so the industry can take action against them, such as the botnet takedowns that have already occurred."

In related news, Symantec warned on Wednesday about a new targeted email attack designed to seed agents of the Cutwail botnet on corporate systems.

Botnet clients offer a handy tool for information stealing and launching denial of service attacks, as well as distributing spam. A recent study by net security firm Damballa ranks the ten worst botnets by number of infections within enterprise networks.

This survey rates the infamous ZeuS spyware agent as the greatest menace to corporate security, with the Koobface worm, which spreads via messages on social networks, a close second. ®

Top 5 reasons to deploy VMware with Tegile

More from The Register

next story
You really need to do some tech support for Aunty Agnes
Free anti-virus software, expires, stops updating and p0wns the world
Regin: The super-spyware the security industry has been silent about
NSA fingered as likely source of complex malware family
You stupid BRICK! PCs running Avast AV can't handle Windows fixes
Fix issued, fingers pointed, forums in flames
Privacy bods offer GOV SPY VICTIMS a FREE SPYWARE SNIFFER
Looks for gov malware that evades most antivirus
Patch NOW! Microsoft slings emergency bug fix at Windows admins
Vulnerability promotes lusers to domain overlords ... oops
HACKERS can DELETE SURVEILLANCE DVRS remotely – report
Hikvision devices wide open to hacking, claim securobods
prev story

Whitepapers

Why and how to choose the right cloud vendor
The benefits of cloud-based storage in your processes. Eliminate onsite, disk-based backup and archiving in favor of cloud-based data protection.
Forging a new future with identity relationship management
Learn about ForgeRock's next generation IRM platform and how it is designed to empower CEOS's and enterprises to engage with consumers.
Designing and building an open ITOA architecture
Learn about a new IT data taxonomy defined by the four data sources of IT visibility: wire, machine, agent, and synthetic data sets.
How to determine if cloud backup is right for your servers
Two key factors, technical feasibility and TCO economics, that backup and IT operations managers should consider when assessing cloud backup.
High Performance for All
While HPC is not new, it has traditionally been seen as a specialist area – is it now geared up to meet more mainstream requirements?