New Rustock Botnet Trying to Expand Itself
According to Marshal, a vendor of software security, a large sized botnet named Rustock is sending spam projecting exploitative news headlines with the aim to compromise users' computers and expand its network.
The spam campaign has been targeting numerous private Websites and small businesses primarily in China and the US.
According to Marshal, the news headlines include - "Yahoo sold to Microsoft, record price", "Al-Qaeda Reports Declining Revenues in Fiscal '08" and "Bush Down to 8 Friends on MySpace" and others, are used to entice victims into following a malicious link.
Moreover, according to Phil Hay, Threat Analyst in Marshal's TRACE Team, people do not take the exploiting headlines seriously, while some are believably alluring, as reported by itnews on July 25, 2008.
Hay stated that the Rustock spammers seem to be trying with different headlines to find out which types get the maximum responses from recipients.
Nevertheless, if a user clicks on any of the mentioned links, a Web page appears, containing a fake video along with a malicious pop-up that encourages for the installation of an infected file called 'codecinst.exe.'
Meanwhile, Security Researchers in Marshal's TRACE Team indicated that the botnet pushed out 21.5% of worldwide spam, going up 11.5% in just one month.
According to the records provided by Marshal, Rustock has an estimated 150,000 infected computers in its network that distributes nearly 30 Billion spam mails every day, making it an operator of probably the largest spam campaign so far.
Hay further said that although Rustock is not a familiar name to many people, it is pretty well known to the security specialists. Rustock, which has been running in different forms for over two years, is today's most stable spambot.
Meanwhile, Marshal claimed that there are 2,300 new exploits and trojans appearing every day, twice the number recorded in the beginning of this year (2008).
Nevertheless, according to Sophos, there has been a decline in the number of attacks using e-mail attachments as the firm's research lab data for 2008 show a drop in malicious file attachments from 0.3% to 0.04% of all legitimate e-mails.
Related article: New Zealand Releases Code To Reduce Spam
» SPAMfighter News - 04-08-2008