Mega-D Botnet Returns with More Vigor

According to security experts, following the closure of McColo, a prominent spam hosting facilitator, some botnets that have not been badly affected appear to be targeting consumers again. Of the three prominent botnets, Mega-D, Srizbi and Rustock, the first was terminated after McColo went offline. However, it has made a comeback and resumed sending large volumes of spam, say specialists from TRACElabs of security firm Marshal8e6.

Security specialists revealed that the Mega-D botnet is notorious for sending huge numbers of spam emails that advertise sex enhancement remedies. Its creators have been working constantly since the 3rd week of November 2008 to establish command and control servers and reconnect them with their botnet. Through these efforts they have changed the botnet, which now exhibits characteristics distinct from its previous form.

Moreover, the compromised computers of Mega-D now use templates that Rustock used earlier, an interesting development. This indicates that the Mega-D spammers have followed and copied pieces from their competitors. Or it could also mean that the people behind both Rustock and Mega-D are working together, or are now a combined entity.

Phil Hay, Lead Threat Analyst for the Marshal8e6 TRACElabs, said that spam from the Mega-D botnet has been rapidly increasing in the past few days, reaching as high as 48% of the total spam the firm captured in its spam traps, as reported by ITNewsOnline on December 8, 2008.

Hay further said that a number of security investigators, including those at Marshal8e6, had forecast that spam volume would eventually rise again following McColo's shutdown. According to him, based on observations of Mega-D's activities during the 1st week of December 2008, that rise appeared to have already started. Hay suggested that although spam volume is still merely 40% of the total volume during September 2008, it appeared to have doubled since the last week of November 2008, indicating that spammers are reviving their activities.

However, according to the reports, analysts are continuing to examine the location of systems connected with Mega-D, while neither Marshal8e6 nor its rivals are ready to assign blame as yet.


» SPAMfighter News - 16-12-2008

 
