The top 10 'most wanted' spam-spewing botnets

By , Network World |  Security, botnet, spam

Spam continues to grow largely due to the growth in malicious botnets. Many botnets are command-and-control systems used by criminals and are still the main way that spam is spewed into your e-mail box. M86 Security says that the worldwide spam volume has now climbed to 230 billion messages per day, up from 200 billion at the start of 2010.


M86 Security has created the "Top Ten Most Wanted" Spam-Spewing Botnets list. Many of the botnets are believed to be controlled in Eastern Europe by criminals who manipulate compromised systems, mostly PCs, around the world to generate spam, according to M86.

1. Rustock (generating 43% of all spam)

The current king of spam. Its malware employs a kernel-mode rootkit, inserts random text into spam and is capable of TLS encryption. Concentrates solely on pharmaceutical spam.

2. Mega-D (10.2%)

A long-running botnet that has had its ups and downs, owing to the attention it attracts from researchers. Concentrates mostly on pharmaceutical spam.

3. Festi (8%)

A newer spambot that employs a kernel-mode rootkit and is often installed alongside Pushdo on the same host.

4. Pushdo (6.3%)

A multi-faceted botnet or botnets, with many different types of campaigns. A major distributor of malware downloaders and blended threat e-mails, but also sends pharma, replica, diploma and other types of spam.

5. Grum (6.3%)

Also employs a kernel-level rootkit. Uses a wide range of spamming templates that change often and are served up by multiple Web servers. Mostly pharma spam.

6. Lethic (4.5%)

The malware acts as a proxy by relaying SMTP from a remote server to its destination. Mostly pharma and replica spam.

7. Bobax (4.3%)

Another long-running botnet that employs sophisticated methods to locate its command servers. Mostly pharma spam.

8. Bagle (3.5%)

The name derives from an earlier mass-mailing worm. Nowadays, Bagle variants act as proxies for data, and especially spam.

9. Maazben (2.0%)

By default, uses a proxy-based spam engine. However, it may also use a template-based spam engine if the bot runs behind a network router. Focuses on casino spam.

10. Donbot (1.3%)


Originally published on Network World.