Marshal Identifies Six Botnets Sending 85% of World Spam
Researchers with the TRACE team at Marshal said that six spam botnets together are currently delivering 85% of all spam on the Internet, as reported by Dark Reading on February 28, 2008.
According to Marshal, the six most powerful botnets identified are Storm, Mega-D, Pushdo, Hacktool.spammer, Srizbi and Rustock. Statistics from Marshal's TRACE team suggest that, of these, the infamous Storm and Mega-D are sending relatively little spam, while Srizbi ranks as the leading spamming botnet, delivering 40% of all spam, with Rustock at 21%, Mega-D at 9%, Hacktool.spammer at 8%, Pushdo at 6% and Storm at just 2%.
Marshal, which names each botnet after its bot malware, says that some other botnets, which the security company has not yet pinpointed, are delivering an additional 15% of malware.
During the first week of February 2008, Marshal's TRACE team publicly announced Mega-D as the current spam king. According to the research group, the Mega-D botnet possibly started in September 2007 and has been growing continuously since then. The team also thinks that the people responsible for the Storm botnet might be behind some of the other botnets mentioned earlier.
Discussing the Mega-D botnet, Michael Whitehurst, Vice President of Global Support for Marshal, said that although Mega-D went offline at one stage, the spam promoting male enhancement pills remained alive, as reported by Dark Reading on February 28, 2008.
The security provider added that when Mega-D went offline, its spam volumes shifted to other botnets such as Rustock, Pushdo, Srizbi and Hacktool.spammer.
According to Tripp Cox, Vice President of Engineering at Damballa, a computer security firm, another peer-to-peer (P2P) botnet called MayDay, even stealthier and stronger than the well-known Storm, started infiltrating many large enterprises, educational institutions and users of major ISPs in the US during the first week of February 2008.
Based on its research, Damballa thinks that the primary objective of the MayDay botnet appears to be propagating spam. The company's research team additionally said that MayDay is capable of evading major antivirus software and has hijacked thousands of computers so far, with around 96.5% of the infected machines in the US and 2.5% in Canada.
» SPAMfighter News - 08-03-2008