Pushdo/Cutwail is Remarkably Elastic and Productive, Reveal Security Researchers
According to a fresh, step-by-step analysis of the notorious Pushdo/Cutwail botnet's operations by a group of researchers, the network, which has been subjected to many shutdowns in recent years, is not only remarkably resilient but also unbelievably productive. Threatpost.com published this on March 15, 2011.
Reportedly, these observations are condensed in a whitepaper titled "The Underground Economy of Spam: A Botmaster's Perspective of Coordinating Large-Scale Spam Campaigns", compiled by a team of researchers. The team apparently includes experts from the University of California, Santa Barbara, The Last Line of Defense, and Germany-based Ruhr-University Bochum.
The researchers wrote that they accessed 16 central Cutwail/Pushdo C&C servers for the analysis. It then became evident that the servers held 2.35 terabytes of data, 24 databases containing everything regarding the operations, and several billion e-mail IDs.
Moreover, the financial gain to the botmasters since June 2009 was computed to range from $1.7m to $4.2m.
Additionally, the Cutwail/Pushdo botnet, which was segregated into multiple domains that gang members controlled at a ratio of 1:1, was so prolific that a single sub-botnet pushed 87.7bn spam mails between July 30 and August 25, 2010, a period of 4 weeks.
Remarking on the study, research team member Brett Stone-Grass, who is also doing his doctoral thesis at the University of California, stated that the fascinating parts included the massive volume of spam mails the botmasters were pumping out, as well as the way they ran the business like professionals, with error reporting and detailed statistics. Threatpost.com published this.
Meanwhile, agreeing with Stone-Grass's remark, another researcher, Thorsten Holz of Lastline Inc. and Ruhr-University Bochum, stated that what astonished him most was finding that a single botnet dispatched such a huge number of spam mails, amounting to some billions. Securitynewsdaily.com published this on March 15, 2011.
Finally, the whitepaper reveals that analyzing the Cutwail/Pushdo botnet let the researchers learn the distinctive approaches of present-day spam operations. It also suggests that a number of separate crews thrive on the underground market by hiring out these malicious networks.
» SPAMfighter News - 29-03-2011