Worldwide Spam Falls 12% Following Bredolab Takedown: Fortinet
Security company Fortinet released its Threat Landscape Report for November 2010 on December 1, 2010. According to the report, worldwide spam has dropped 12% since Dutch authorities shut down the enormous Bredolab botnet by disconnecting over 140 servers from the Internet.
Remarking on this finding, Derek Manky, project manager for threat research and cyber security at Fortinet, stated that Bredolab was frequently used to feed spam engines that were typically used for selling fake drugs. Marketwatch.com published this on December 1, 2010. Manky added that Bredolab, with its gigantic scale, had an enormous influence on spam volumes, reducing them by a sheer 26% within 7 days of the shutdown.
Additionally, another botnet, Koobface, which sends junk e-mails to widely used social-networking websites, was tentatively shut down during November 2010, as per the report. In fact, Coreix, an ISP in the U.K., disconnected 3 MotherShip servers of the Koobface botnet from the Internet on November 14, 2010. Koobface exchanged messages with these command-and-control servers through third-party services, Fortinet highlights.
But the Koobface bot network rebounded.
Manky stated that Fortinet saw communication restored within 5 days, on November 19, 2010. That was probably because Koobface had FTP-harvesting software. Infosecurity.com published this on December 1, 2010. Manky added that by changing the configuration of their third-party C&C servers in favor of fresh MotherShip servers, the botnet controllers apparently restored their hold over the malicious network.
Meanwhile, Fortinet's report also lists the ten most prevalent e-threat samples: W32/Krypt.D!tr.dldr (47.6%), HTML/Iframe.DN!tr.dldr (16.1%), W32/Injector.fam!tr (6.3%), W32/Kriz.3863 (4.6%), W32/Netsky.P@mm (1.3%), W32/Refroso.JUA!tr (1.0%), Adware/PlatriumSA (0.6%), W32/Openconnection.F542!tr (0.3%), JS/HtmlProt!tr (0.3%), and W32/Katusha.N!tr (0.3%).
Moreover, it notes that the USA continues to be the leading country for spreading malicious software. During November 2010, 46.7% of all malicious software was detected as originating from the USA. It was followed by Japan (35.4%), France (24.7%), China (14.0%), and India (13.0%).
Fortinet also reports that the largest volume of spam during November 2010 originated from the United States, at 10.45%. It was followed by France (7.77%), Japan (7.62%), Taiwan (3.58%) and Italy (3.13%).
» SPAMfighter News - 14-12-2010