Old and New Botnets Responsible for Spike in Spam
Written by Sue Walsh on March 13, 2013
While spam levels continue to decline, taking botnet activity with them, a new report says that there are still occasional spikes in activity, and some familiar names are to blame. Festi, Cutwail, Waledac and Kelihos are still out there and pumping out spam, even as they show signs they are on the decline. Another botnet, Darkmailer, has shown a sharp increase in activity, suggesting the criminals behind it have begun using a new technique.
The era of the monster botnets is over, thanks to better detection techniques and ramped-up law enforcement efforts. Some of the largest botnets in history are now history themselves thanks to Microsoft and the FBI, who teamed up to eradicate botnets. Rustock, Donbot, and Grum are among the big names, and another, Bagle, is close to death. Botmasters made an attempt to bring Waledac back to its former glory, only to be shut down by Polish authorities. While it’s still pumping out spam, its activity levels are low and showing no signs of growth.
Do botnets still have a place in spam distribution? Perhaps, but not the way they used to. They’re much smaller now, probably to avoid detection, and use much more sophisticated techniques to avoid shutdowns. With SMS and social media spam much more popular than traditional email spam, some botnets are being used to compromise websites rather than crank out emails, although some are still used to carry out phishing attacks. Cybercriminals seem to prefer affiliate scams and ransomware as their money-making scams of choice, but that doesn’t mean you can turn off your spam filter. Spam may be declining, but it’s not going anywhere anytime soon.