Explore the latest news and trends  

Sign up for our weekly security newsletter

Be the first to receive important updates on security


FireEye Did Well to Knock Out Mega-D

The botnet that once accounted for an estimated third of the global spam traffic has recently been kicked out of the charge, and the credit goes to researchers at FireEye, a California-based company that manufactures security products.

After minutely analyzing the intrigues of the massive botnet, also known as Ozdok and Mega-D, the personnel at the FireEye launched a coordinated attack on dozens of its command and control channels in the first week of November. The channels were used to relay new spamming commands to the mass of zombies that constitute the network.

According to M86 Security blog, the spam stopped almost immediately. In 2008, the e-mail security firm estimated that the botnet was the major source of spam until some of its servers were taken down.

Mega-D, a network of hijacked computers, accounts for sending over 4% of the world's spam, revealed M86 Security. Most of the systems that constitute Mega-D are infected home PCs.

It is worth noting that Mega-D is one of the several botnets that have implemented advanced technologies to ensure that its owners don't lose control of hacked PCs. The hijackers use command and control servers to send instructions to zombies, like when to initiate a spam campaign.

In case of Mega-D, the compromised PCs will seek certain domain names so as to download instructions, wrote FireEye's Atiq Mushtaq on the company's blog, as per the news published by PCWorld on November 10, 2009.

On the night of November 5, 2009, FireEye initiated its assault, contacting ISPs which had systems acting as command-and-control servers for Mega-D. The links for IP addresses used by Mega-D were shut by all but four service providers, informed the firm.

In the meantime, after the McColo case, cybercriminals are no longer depending on a single block to host their command-and-control servers. Apart from this, most botnets, at present, are equipped with a "fallback" mechanism. Even shutting down the backend servers will not post a long-lasting impact on many of the present day botnets.

Related article: Free Web Host Services: spammer’s bull’s eye

» SPAMfighter News - 11/23/2009

3 simple steps to update drivers on your Windows PCSlow PC? Optimize your Slow PC with SLOW-PCfighter!Email Cluttered with Spam? Free Spam Filter!

Dear Reader

We are happy to see you are reading our IT Security News.

We do believe, that the foundation for a good work environment starts with fast, secure and high performing computers. If you agree, then you should take a look at our Business Solutions to Spam Filter & Antivirus for even the latest version of Exchange Servers - your colleagues will appreciate it!

Go back to previous page