The top 10 spam botnets: New and improved
1: Grum (Tedroo)
Grum is the future for spam botnets. It’s a kernel-mode rootkit and thus hard to detect. It’s also sneaky, infecting files used by Autorun registries. That guarantees it will be activated. This botnet is of special interest to researchers. It’s relatively small, only 600,000 members. Yet it accounts for almost 25 percent, or 40 billion spam-emails a day.
Grum focuses on pharmaceutical spam. You know the kind. There must be money in this, as most spam botnets are involved with it to some degree.
2: Bobax (Kraken/Oderoor/Hacktool.spammer)
Bobax confuses botnet hunters, being somewhat related to the Kraken botnet. Recently, Bobax went through a rewrite. The authors converted command and control traffic to HTTP, making it more difficult to block and trace.
Right now, Bobax has only 100,000 members, yet it produces 27 billion spam messages a day. That’s 15 percent. Or more impressively, 1,400 spam email messages per bot per minute. Bobax appears to be a botnet for hire, as the type of spam varies.
3: Pushdo (Cutwail/Pandex)
Pushdo started at the same time as Storm, in 2007. Storm is all but gone. But Pushdo is still going strong, sending out approximately 19 billion spam email messages a day from one and a half million bots. Pushdo is the downloader, which gains access to the victim computer. It then downloads Cutwail, the spamming software.
The Pushdo/Cutwail botnet spews spam with a wide variety of subject matter, including pharmaceuticals, online casinos, phishing schemes, and links to malware-laced Web sites.
4: Rustock (Costrat)
Click link below for full article
Related posts: