Asprox Botnet Following Peak Activity in 2014, is Now Silent

According to Palo Alto Networks the security company, attack schemes making use of the notoriously operating Asprox botnet is principally out of scene after its activities peaked in 2014, published scmagazine.com dated August 13, 2015.

As per one Monday post, the botnet running all through last year within numerous spam campaigns for disseminating malicious software, which didn't just increase the botnet's size, however, silently planted more malware onto infected computers, practically couldn't be detected starting January.

Palo Alto doesn't think that authorities have apprehended the perpetrators of the assaults.

According to Director of Intelligence Ryan Olson with Palo Alto Networks' Unit 42, the perpetrators possibly closed their operations for determining one fresh method to carry out the same activity. Scmagazine.com reported this.

Furthermore according to Olson, the attackers might've realized security outfits developing additional methods for detecting and deactivating their malicious program so far as when it wasn't any more profitable to use that malware.

He wrote it was possible the botnet controllers altered their tactics while the changeover slipped Palo Alto's notice. Nevertheless, the company checked and found that the C&C meaning command-and-control infrastructure of the Asprox stopped working at the time, if not over an extended period.

Olson also wrote that his company hadn't still observed any evidence of the perpetrators getting arrested alternatively compelled towards halting operation; therefore, it was likely they had discovered techniques for eluding the security sector's detection strategies. He opined that after all, malware getting dispatched to the rate of 80% unambiguously made the situation important enough to be everybody's priority. Cio.com reported this August 10, 2015.

Earlier during 2015, Security Researcher Brad Duncan at cloud computing firm Rackspace too observed a change: bulk e-mail campaigns, which seemed characteristically similar to which Asprox dispatched, delivered some other malware. Cio.com reported this.

During November 2008, when the infamous McColo ISP based in California, which provided cyber crooks their network connectivity, shutdown Asprox like many botnets were affected with a dramatic reduction in spam volume. However, Asprox along with other botnets returned, and now Palo Alto sees Upatre as the most commonly used malicious program.

» SPAMfighter News - 8/24/2015