A group of saboteurs using the world's largest spam botnet, Cutwail, have opted to distribute their malware via the Magnitude exploit kit instead of through BlackHole.
Researchers on the Dell SecureWorks Counter Threat Unit (CTU) said the move came soon after the arrest of Paunch, the author of the infamous BlackHole exploit kit.
The Cutwail botnet has often been used to deliver financial malware, such as the Zeus variant dubbed Gameover, researchers warned.
In one spam campaign, fraudsters tricked users into installing Gameover by sending spurious emails designed to look like browser updates from Microsoft. Instead, the Cutwail spam contained malicious links.