Tag: botnet

Email Spam Volumes Fall to Lowest Level in Two Years: Symantec

A recent report from Symantec declared that spam volumes in January 2011 fell to the lowest levels, since March 2009. The spam volumes seemed to drop dramatically since 25th December of 2010 and continued its phase in January. The only time that spam volumes dropped by such a remarkable extent was after the closure of McColo, a California-based ISP in 2008, for being implicated in criminal and botnet activities.

Dramatic decline in spam levels
Spam, in January 2011, accounted only for 78.6% of the total email traffic. This was a 3.1% drop since December 2010 and a significant 65.9% lower compared to same period, a year ago. However, the spam rate is still alarming with 1 in every 1.3 mails being a spam one. The fall of the spam was credited to the apparent fall in activity of 3 major botnets – Rustock, Xarvester and Lethic.

Spam levels – Country wise for January 2011

  1. Oman – 88.8%
  2. China – 84.6%
  3. Hungary – 83.3%
  4. Luxembourg – 82.8%
  5. Kuwait – 81.9%
  6. South Africa – 80.0%
  7. US – 78.8%
  8. UK – 78.7%
  9. Canada – 78.3%
  10. Australia – 77.3%

Minute increase in phishing activity
One in 409.7 emails was found to comprise of a phishing attack in January 2011, said Symantec. This was a small 0.004% increase since December 2010. Phishing levels in US were 1 in 892.8 emails. South Africa was the most targeted geography by email phishing attacks with one in 51.7 emails blocked as phishing email. Other top targeted geographies by phishing emails are as follows:

  • UK – 1 in 188.6 emails
  • Canada – 1 in 204.6 emails
  • UAE – 1 in 247.3 emails
  • Oman – 1 in 248.4 emails

Increase in new malicious domains
Symantec message labs has identified an average of 2,751 malicious websites each day, in January 2011. Around 44.1% of them were identified to be new domains, a 7.9% increase from December 2010. These websites contained malware and other potentially unwanted programs including spyware and adware. 21.8% of all malware blocked on these sites was new. Another recent report from OpenDns said that 53.8% of all the phishing websites were hosted out of US.

Though email spam has decreased in volumes, web-based malware seems to increase in both volumes and coming up with new forms. The report suggests that organizations can combat the lurking threats by a policy-based security model. It is also important for users to choose an antivirus that is proactive in detecting malware and offers real-time updates for malware database.

Hackers who created botnet with 12.7 million computers busted

Spanish police working with the FBI and other police forces have arrested three suspects for running world’s biggest computer hacking scam through a bots network called Mariposa.

This is a crucial win for security experts over hackers and a relief to millions of people who use internet everyday. The network of mariposa botnet is spread around 190 countries infecting over 12.7 million computers. These included computers of the US Fortune 1000 companies to computers of major banks. Spanish police reported the recovery of details like bank account details, credit card numbers, usernames, passwords, etc., of over 800,000 people. The amount of loss due to this botnet network is yet to be determined.

Mariposa is a Spanish word for butterfly. It was announced as a new botnet by Defence Intelligence in May 2009. This bot is known to spread through crucial vulnerabilities in Internet Explorer as well as contaminated USB sticks. It is very hard to nab creators of botnet as these criminals operate disguising the source of their Internet traffic or through an infected computer (called zombie) belonging to another person. It seems that it is the blunder made by one of the operators of mariposa – forgetting to conceal their IP address – that helped Spanish police to catch this gang.

The infected computers still remain tainted. The worst part is that most of the owners are still not aware that their computer is a botnet. Use a reliable, robust and updated version of antivirus solution in your PC to detect any traces of botnet.

Read more about Botnet and PC security here.