Botnet Festi Rising Tremendously
Security researchers of MessageLabs (an e-mail security firm now owned by Symantec) has come up with findings related to a latest botnet known as Festi, which hit the list of ten largest spam sending botnets in September 2009.
For the first time, the researchers started examining Festi strongly in August 2009, which, at present, sends almost 2.5 Billion spam e-mails per day around the globe. The botnet has seemingly boosted the volume of spam by employing more bots, around 60% of which are located in Asia, 18% in Europe and 9% in North America.
Although botnets receive significant attention because of their ability to conduct distributed denial-of-service (DDoS) attacks, their main usage at present seems distribution of spam.
Security experts informed that the first kind of spam Festi is discharging is e-mails endorsing male enhancement pills that lead to a pharmacy website of Canada. The second kind of spam e-mails come with subjects like classic automatic, submariner limited coca cola edition, omega de ville co axial chronograph, classic quartz, or Hermes Watches and carries links to a site selling jewelry and watches.
While explaining its modus operandi, security experts stated that Festi may attack its victims through drive-by downloads and it has near about 25,000 bots. Its malware is kernel-based spam bot, which is unusual. It is a little bit odd for users to see a latest spam bot coming out already using rootkit capabilities and running straight out of the kernel.
On the other hand, in terms of worldwide ranking of the botnets, Festi has proved to be one of the spamming heavyweights. Further, the firm states that presently Festi is at the fifth position, after the leading four botnets: Cutwail, Bagle, Grum and Rustock (which together account for over 80% of the global spam volumes).
In the meantime, security experts have cautioned that considering the fairly sudden rise of Festi, it is expected to garb more attention in coming times. Moreover, it would be interesting to note where it is ultimately finds itself among the world's largest botnets.
Related article: Botnet Misuses Google Analytics
» SPAMfighter News - 18-11-2009