Mega-botnet Rustock stops spamming

Powered by SC Magazine
 

Rustock, the once dominant spam botnet, seems to have been taken out of contention.

One of the biggest spamming botnets of all time appears to have stopped spewing out messages, yet no clear explanation has been given as to why.

The Rustock botnet, which was pushing out 47.5 percent of all spam by the end of last year, stopped spamming yesterday afternoon around 3pm GMT.

Initial reports emerged on the KrebsonSecurity blog, and both Symantec and M86 Security have confirmed Rustock’s decline in spam output.

“It is unclear yet who or what caused the shutdown. It's also possible it has been abandoned,” said Phil Hay, lead security researcher with M86, on a blog.

“Whatever the reason, let's hope this one sticks. Previous attempts at botnet shutdowns have tended to be short lived as the botnet herders simply regroup and start again. It's too early to say bye bye Rustock, but the thought is certainly nice.”

Rustock output was hit last year when Spammit.com, a partner programme responsible for significant amounts of pharmaceutical spam, was shut down.

Since then other botnets emerged as equally prominent spammers.

“This increase from other botnets means that so far, the takedown of Rustock hasn’t had much noticeable effect on the overall amount of spam tracked by MessageLabs Intelligence,” said Paul Wood, MessageLabs Intelligence senior analyst at Symantec Hosted Services, on a blog.

“Rustock has gone quiet before, over the last holiday season it stopped spamming for several days but came back as strong as ever. Only time will tell if this will happen again.”

Overall spam rose in February, according to data from Symantec, following a lull in activity in the latter half of last year and start of this year.

Average daily spam volume increased 8.7 percent in February month-over-month, as spam made up 80.65 percent of messages, compared with 79.55 per ent in January.

Phishing spike

Meanwhile, there was a significant spike in phishing last month, with an increase of nearly 40 per cent as hackers jumped on automated tools to help them dupe web users, Symantec said.

Phishing websites created by automated toolkits went up by around 50.33 percent when compared to January, whilst phishing sites with unique URLs increased by 33.73 percent.

There was a notable drop in the US, as phishing attacks originating from the country fell by 10 percent. The nation still remained the worst offender, however, with a 52 per centshare.

This article originally appeared at itpro.co.uk

Copyright © ITPro, Dennis Publishing


Mega-botnet Rustock stops spamming
 
 
 
Top Stories
Qld Transport to replace core registration system
State's biggest citizen info repository set for overhaul.
 
Innovating in the sleepy super industry
There’s little incentive to be on the bleeding edge, so why is Andrew Todd fighting so hard?
 
How technology will unify Toll
The systems headache formed through 15 years of acquisitions.
 
 
Sign up to receive iTnews email bulletins
   FOLLOW US...
Latest Comments
Polls
Who do you trust most to protect your private data?







   |   View results
Your bank
  39%
 
Your insurance company
  3%
 
A technology company (Google, Facebook et al)
  7%
 
Your telco, ISP or utility
  7%
 
A retailer (Coles, Woolworths et al)
  2%
 
A Federal Government agency (ATO, Centrelink etc)
  21%
 
An Australian law enforcement agency (AFP, ASIO et al)
  15%
 
A State Government agency (Health dept, etc)
  5%
TOTAL VOTES: 897

Vote