Online junk mail is at its lowest level since November of 2008, but the reason for the decline of spam is one more likely to cause heartburn than relief.
There is less spam because there are fewer botnet nodes sending it out, according to the June edition of Symantec's State of Spam and Phishing report. The biggest factor was the closure of the Rustock botnet, which was credited with sending almost half of all spam messages.
The total number of botnet nodes has not decreased, the report found.
So other botnets should have stepped in to take on the economic opportunity of serving the spam-sending needs of scammers and false-advertisers worldwide, but were apparently busy doing more profitable things, like conducting DDOS attacks, which have increased dramatically during the same time.
Spam made up 72 percent of all the email sent across the Internet in May, according to the June edition of Symantec's spam report (PDF download).
Though ridiculously high, that percentage is actually a steep decline from last May, when spam made up nine out of every 10 messages moving across the Internet.
Rustock shut down in March after U.S. Marshals – backed by lawyers from Microsoft who did much of the legwork and legal preparation – raided five hosting sites in the U.S. and cut off communication from the IP addresses giving commands to the botnet
Spammit.com, an affiliated site that generated huge volumes of fake-pharmaceutical spam advertising, was also shut down.
"This decrease in spamming activity may be evidence that increased investigation of the spam underworld has both disrupted the affiliate networks, such as Spamit, that pay for spam campaigns, and led to botnet controllers looking to keep their heads down so as not attract the attention of a legal investigation by sending large volumes of spam," Symantec analyst Martin Lee wrote in the report.
Traffic from other botnets has also dropped, however.
The Bagle botnet dropped its output from 8.3 billion spams per day to 1.6 billion, according to TheRegister.
At the same time spam was dropping, DDOS attacks increased, as did other profitable uses for botnets, including "fraudulent click-thrus on unsuspecting websites for financial gain, host illegal Web site content on infected computers, harvest personal data from infected users and install spyware to track victims' activities online,” according to Paul Wood, senior intelligence analyst, Symantec.cloud.
At least they're keeping themselves busy.