Spam drops sharply over Christmas

Summary: Spam levels declined sharply over the festive period, after falling for the last half of 2010, according to MessageLabs Symantec Hosted Services.

The amount of spam being pumped out by networks of compromised computers dropped sharply over the festive period, according to Symantec.

The security company's subsidiary MessageLabs said the steep drop was in part due to spam coming from the Rustock botnet slowing to a trickle, while two botnets, Lethic and Xarvester, appear to have ceased activity.

"Rustock is sending spam in much-reduced volumes, while the other two botnets have stopped sending spam altogether," MessageLabs intelligence senior analyst Paul Wood told ZDNet UK on Thursday.

Wood said that the last time there was such a significant drop in spam was after the takedown of the McColo ISP in November 2008. However, there did not appear to be any similar events — or any major anti-botnet police operations over the festive period — that could have prompted the recent drop, he added.

Nevertheless, the Rustock botnet dropped from a high of sending 44 billion spam messages per day on average in the last quarter of 2010 to between 100 million and 500 million spam messages per day over the Christmas holidays. Rustock is still involved in other cybercrime operations, including click-through advertising fraud, said Wood.

A drop in spam for Canadian pharmaceutical products contributed to the overall reduction in spam volumes, he added.

Zombie computers
One possible reason for Rustock reining in spam could be that the botnet's controllers are concentrating on other operations, Wood suggested. "The people behind Rustock may be exploring other areas of business," he said.

Symantec expects other botnets to take the place of Rustock, including the Grum botnet, which is noted for sending pharmaceutical spam. While Rustock has between one million and one-and-a-half million zombie computers, and Grum consists of between 300,000 and 450,000 compromised machines, the latter still has the capacity to send eight billion spam messages per day, according to Wood.

Other security vendors have noted a reduction in the flow of junk emails. For example, Cisco company IronPort has tracked a significant decline in spam levels since July, with average daily levels dropping from 300 billion to under 100 billion items per day in November 2010.


About

Tom is a technology reporter for ZDNet.com. He covers the security beat, writing about everything from hacking and cybercrime to threats and mitigation. He also focuses on open source and emerging technologies, all the while trying to cut through greenwash.
