‘Cutwail Botnet Is Back’
According to news published on February 20, 2012 in GnT, Cutwail peaked five years ago, when it led the list of botnets by activity with 1.6 million infected systems. However, the botnet could not sustain its leading position after spammers breached the system and exposed the credentials of clients and associates.
During January 23-25, the volume of malicious messages was 50 times higher, and three more spikes from February 6 were found to be 200 times higher. M86 Security Labs says that these emails carried subject lines such as "FDIC Suspended Bank Account" and "Scan from Xerox WorkCentre", among others.
In a few cases, the 'Cridex' data-stealing Trojan was installed. The botnet makes use of the 'Phoenix Exploit Kit', which is flourishing on the black market and achieves infection rates of over 15%. Tests carried out by M86 show that the exploit downloads and installs malware. Besides spam, it was used to carry out cyber attacks in 2010.
Notably, security firm Symantec's MessageLabs estimates that Cutwail's operators now control almost two million systems across the globe, making it the biggest botnet on the planet. Other major spam botnets mentioned by MessageLabs are Asprox, Darkmailer, Rustock, Grum, Xarvester, Mega-D, Gheg, Donbot, and Beagle.
The top four spam categories, according to M86, are pharmaceuticals (47%), replicas (13%), and gambling and dating (12% each). These categories reflect the ease of use and appeal of the various affiliate marketing programs that cybercriminals join to make money.
» SPAMfighter News - 24-02-2012