NOW READ THIS
("Security Advisory")
Submitted by: Bill Hickey
NCVA List Master
NRT-0420 Research Team Names Top Six Spamming Botnets:
A Threat Research and Content Engineering (TRACE) research team from a global leader
in email and internet content security has identified six botnets that currently are
responsible for distributing 85% of all spam. The six top-spamming botnets include
Srizbi, RUstock, Mega-D, Hacktool.spammer, PUshdo, and Storm. Srizbi leads the pack,
sending 40% of spam; Rustock 21%; Mega-D 9%; Hacktool.spammer 8%; Pushdo 6%; and Storm
only about 2%.
Earlier in February, the TRACE research team publicly pegged Mega-D as the "king of spam,"
spewing about 32% of the world's spam and definitely overtaking Storm. Mega-D suddenly
shut down its botnet after attracting the attention of internet security firms that had
analyzed its command and control infrastructure. However, spam associated with Mega-D
shifted to four of the other major spam bots - Pushdo, Hacktool.spammer, RUstock, and
Srzbi. Recently, the 35,000 bot Mega-D botnet began spamming again and was sending more
spam than the 85,000 bot Storm.
The MayDay botnet can evade leading antivirus products and has compromised thousands of hosts,
with about 96.5% of the infected machines in the US and about 2.5% in Canada. MayDay is
considered a potential successor to Storm, although not nearly as large.
(darkreading.com 28FEB08)