Rustock Botnet Behind Rise in Spam

Written by Sue Walsh on July 15, 2009

When the spammer-friendly ISP McColo was shut down late last year, spam levels dropped sharply. This was due in large part because several large botnets had been hosted by McColo and were knocked offline. However, the good times didn't last. Spam levels have returned to pre-McColo levels now that the spammers have found new homes for their activities. Most moved to servers in Estonia and Romania, knowing those countries do little to curb spamming or other cybercrimes.

Since January, spam has risen 60% and a whopping 40% of that is thanks to the Rustock botnet. Rustock focuses on image spam and spoofing HTML templates from legit newsletters to give recipients the illusion that their spam is legitimate and professional.

A full 90% of all email sent is spam. 10% of that is image spam and 75% is spam hawking shady pharmaceuticals and online pharmacies. The rest is made up of various types of other spam such as the 419 scam and ads for loans and fake designer merchandise.

Hackers have been busy as well. 70% of sites containing malware are legit sites that have been compromised, usually by having programming flaws exploited via an SQL injection attack or cross-site scripting. Those techniques have been used repeatedly to attack Twitter in recent months.

Experts advise making sure all the computers on your network have the latest Microsoft updates installed and that their anti-spam and anti-virus programs are kept up to date.
