Home & Office

Botnets lead way in spam charge

Over 83 percent of spam in June were sent from botnets, says new report. Instant messages with malicious links and Web-based malware are also on the rise.
Written by Vivian Yeo, Contributor

Spam made up 90.4 percent of all e-mail traffic in June, with botnets accounting for over 80 percent of unsolicited messages, according to a new report from Symantec's MessageLabs.

Spam sent out from networks of zombie PCs made up 83.2 percent of unsolicited e-mail messages this month, MessageLabs said Tuesday in a statement. In May, 57.6 percent of spam was sent from known botnets, with Donbot responsible for around 18.2 percent of these messages.

According to the messaging security specialist, the biggest botnet currently is Cutwail, which has doubled in size and output per bot since March. At its peak, Cutwail had an army of 1.5 to 2 million active bots, but the shutdown of Californian ISP Pricewert earlier this month caused the botnet to have a downtime of several hours.

Cutwail, however, bounced back within hours, noted MessageLabs. It currently has an output of around one-third of its original capacity. Other major botnets include Rustock, Grum, Donbot, Bagle, Xarvester, Mega-D, Gheg, Asprox and Darkmailer.

In the last six months, spam targeting the healthcare sector have risen steadily, reported MessageLabs, in part due to the digitization of health records and government regulations in the United States. Spam levels may hit 90 percent before the end of 2009, said the company.

The most spammed vertical in June, was the accommodation and catering sector which had a spam rate of 92.3 percent. Spam levels for the recreation industry reached 92.1 percent, the public sector 90.8 percent and the retail market 90.2 percent. The financial industry registered spam levels of 87.5 percent.

Web-based malware, malicious links in IM up
Also in June, there was an average of 1,919 new Web sites per day harboring malware and other potentially unwanted programs including spyware and adware. This represented an increase of 67 percent over May.

Over half, or 58.8 percent, of all Web-based malware MessageLabs intercepted during the month was new, a month-on-month increase of 24.6 percent.

Data from MessageLabs also shows that more hyperlinks in instant messaging (IM) conversations are stepping stones to "instant malware".

In June, one in 78 hyperlinks found in instant messages linked to Web sites hosting malicious content, compared with one in 200 at the end of 2008. The hidden malware typically tries to perform a drive-by attack on a vulnerable Web browser or browser plug-in, said the company.

One in 80 IM users, predicted MessageLabs, may receive a malicious instant message each month.

Editorial standards