11:00 AM
Mahateer
The sudden drop in activity of a major spam producer looks to be the result of the largest co-ordinated attack on spammers.
At 15:30 GMT on 16 March, a network of spam-producing computers, known as Rustock, suddenly stopped.
It also appears that the infrastructure needed to control the spam network has been disrupted.
Security researchers said that would make it the largest ever take down of a cyber crime network.
In 2010, the Rustock botnet - a collection of infected machines - was the most prolific producer of spam on the internet, at its peak accounting for nearly half of all spam sent globally - some 200 billion messages a day.
Prolific spammer
The volume of spam coming out of Rustock has fluctuated wildly recently, so sudden drops in activity are not uncommon.
But usually, the spikes in activity last for 12 to 16 hours, Vincent Hanna of anti-spam group Spamhaus told BBC News.
"When Rustock stopped yesterday it was in mid-campaign," he said.
Furthermore, the botnet seems to be unable to communicate with its command and control infrastructure, he said.
Continue reading the main story
“
Start Quote
The malware used embeds itself deep in the operating system, making it difficult to identify”
Paul Wood
Symantec.cloud
Computers within botnets are controlled by other machines which send out instructions of when to instigate spam campaigns or other attacks.
But disrupting the command and control infrastructure is a Herculean task.
It requires the co-ordination of security groups with insight in to how the botnet operates, the participation of law-enforcement agencies, domain name registrars and internet service providers that can potentially be located in different time zones, said Paul Wood, a security researcher at Symantec.
Posted in 
Posts
0 comments:
Post a Comment