Old and new botnets behind spam resurgence
Posted on 11 March 2013.
Bookmark and Share
Even when they have other capabilities, botnets are primarily used to send out malicious messages, since that is the easiest - not to mention the least risky - way for botmasters to earn money.


There are many botnets out there, and the number of computers enslaved into each varies day by day. McAfee's latest threat report pointed out that there is a continuing decline in global messaging botnet infections, but there are occasionally new spikes.

Bobax (alias Kraken), Donbot, Grum, Fivetoone, and Rustock have been abandoned for this or that reason, and are effectively dead, while the Bagle botnet is in its death throes, the numbers say.

Festi, Cutwail, Lethic, and Maazben are still out there, doing the work (read: damage) despite some setbacks, but the report shows they are in decline.

Finally, the botnets that are going through a renaissance are Darkmailer, Waledac, Slenfbot, and Kelihos.

"Darkmailer is a spam tool first released in 2003. Each month for three years a small number of senders has been systematically detected by our sensors. In January 2013, we saw a dramatic increase in senders–suggesting a possible evolution in its spamming technique," say McAfee researchers.

Waledac and Kelihos - the malware behind which is thought by some researchers to have the same author - have been hit and crippled by law enforcement actions.

Their botmasters have persevered and have doubled their efforts to bring them back to their former days of glory, but in the case of the Waledac botnet, its masters' efforts to use the Virut botnet to build a new Waledac one have been recently partially stymied by the Polish CERT:


Slenfbot is an IRC bot family known since 2008, and its recent proliferation is partially due to its distribution mechanism: links dropped in messages via chat, instant messaging applications and Facebook.









Spotlight

Dissecting the unpredictable DDoS landscape

Posted on 23 April 2014.  |  DDoS attacks are now more unpredictable and damaging than ever, crippling websites, shutting down operations, and costing millions of dollars in downtime, customer support and brand damage, according to Neustar.


Weekly newsletter

Reading our newsletter every Monday will keep you up-to-date with security news.
  



Daily digest

Receive a daily digest of the latest security news.
  

DON'T
MISS

Wed, Apr 23rd
    COPYRIGHT 1998-2014 BY HELP NET SECURITY.   // READ OUR PRIVACY POLICY // ABOUT US // ADVERTISE //