A Waledac Infected Computer Could Send150K Spam E-mails Per Day

Researchers at ESET, an internet security company in Latin America, conducted a study that says - a bot-infected computer is capable of pushing two spam mails every second, and an aggregate of 150,000 per day.

These facts emerged when the researchers during an experiment infected one of their laboratory PCs with a Waledac Trojan that employs a binary pertaining to a bogus discount scheme launched for Valentine's Day in 2009, and subsequently tracked the system's two-way network traffic. Waledac, which is an improved version of the notorious Storm worm, is a botnet that uses HTTP communications for spewing spam based on news and holiday events.

Taking the experiment forward, the researchers determined the quantity of the e-mail flowed in four phases over a period of one hour throughout the day at different intervals, and computed that the bot sent a mean of 6,548 e-mails per hour.

According to a post in a personal blog by security analyst Sebastin Bortnik for ESET Latin America, the Waledac botnet, which contains an estimated 20,000 bots, could theoretically send 3 Billion e-mails per day in a spamming operation, as reported by DarkReading on July 9, 2009.

Bortnik also wrote that the spam capacity of the Waledac botnet was only theoretical since all the bots were not used throughout the day for distributing junk messages. Nevertheless, it proved how powerful botnets were in general for distributing e-mails and the capacity of Waledac to send spam mails.

Bortnik added that the statistics from the experiment could help users to understand the reason for the slow working of their computers when they were infected as well as the reason for such a lot of spam.

During January 2009, researchers confirmed that Waledac emerged as a reincarnated version of Storm. It was based on HTTP communication that helped it to disguise as well as had strong encryption capability unlike the earlier weak 64-bit RSA encryption when researchers cracked it.

Meanwhile, the present ESET study is a result of the Independence Day-based spam outbreak unleashed by the Waledac botnet on July 4 in the United States.

Related article: A New "Blackmailing" Variant Creeps Around…

» SPAMfighter News - 7/29/2009