Security Firms Cautions of the Return of Botnets
Symantec's MessageLabs, an extremely well-positioned Internet security firm, during the first week of March 2010, reported growing magnitude of spam e-mails that used Transport Layer Security (TLS), which performs encryption activities or is considered as Secure Sockets Layer. Basically, TSL is a manner by which e-mail data is secured when messages are transmitted between the end-user and server.
It is reported that the Rustock botnet, employing TLS, encoded junk e-mail in this way to the tune of 35%. In its most recent Intelligence Report, MessageLabs states that this rate has jumped a good 77% during the end week of March 2010 with respect to the botnet's functioning for the entire month of March.
According to the experts, organizations have been challenged because TLS increases higher processing requirements from e-mail servers unlike in the case of non-TLS traffic. In the latter case, processing requirements was around 1KB per spam e-mail.
Furthermore, Rustock is positioned as No.3 in leveraging massive spam campaigns ever since its debut during 2008. It was the most affected network when McColo shutdown during the initial six months of 2009. The damage thus caused was possibly responsible for the botnet's evolution in enhancing its own protection.
Understandably, it isn't only the MessageLabs hosted messaging vendor that detected Rustock's utilization of TLS.
Other vendors, including M86 Security, the US-UK messaging agency and Sweden's CronLab that TechWorld contacted during the last week of March 2010 too said they noticed increased TLS-encrypted junk e-mail.
Spam expert Phil Hay of M86 Security said that his organization established a node with TLS inside their Labs, and in the course of time, found that a few Rustock networks were in fact utilizing TLS, as per the news published by PCWorld on March 29, 2010. Hay continued that his firm's statistics reveals that Rustock is continuing to lead in the distribution of spam and its novel utilization of TLS suggested its rising scale of sophistication.
The expert further stated that it quintessentially implies that organizations can not any longer depend on using TLS for dropping spam. For, it does have an impact on system resources just like any type of encryption has.
Related article: Securities Push Up A Must For Web Companies
» SPAMfighter News - 09-04-2010