An updated look at botnets

Today I looked up the most prolific botnets for the month of July.  Earlier this year the grum botnet was disrupted.  How have things changed since then?  Here’s a look at the top 15 botnets hitting our networks for the month of July by total mail volume: My observations: Cutwail is the #1 botnet, which…


Researchers knock out the grum botnet

Over on the New York Times blogs page, Nicole Perlroth writes about how security company SpyEye, working with Spamhaus, took down the command-and-control centers (C&Cs) associated with the grum botnet, purportedly the world’s 3rd largest botnet.  From the Times: On Wednesday, computer security experts took down Grum, the world’s third-largest…


Today is my 8-year anniversary of fighting spam

Today is my 8-year anniversary of fighting spam.  It was July 12, 2004, that I got the job at Frontbridge as a spam analyst and we headed down to Los Angeles for 4 weeks of training.  Here’s a recap of 8 general trends that have happened since then: Image spam – In 2006, there was…


Homeland Security, Cybercrime and terrorism, part 2

I started rambling in my previous post about the article in Forbes.  I had something else to say and I am adding it here.  The government and industry are changing.  Government used to have a laissez-faire attitude towards botnets and malware but now they realize that they need to partner together.  New initiatives have sprung…


According to the Department of Homeland Security, cybercrime is a bigger threat than terrorism

An article in Forbes the other day reports on US Secretary of Homeland Security Janet Napolitano’s comments that ‘cybercrime represents the “greatest threat and actual activity that we have seen aimed at the west and at the United States” in addition to “or other than Al Qaeda and Al Qaeda-related groups.”’  From Forbes: Addressing an…


White House announces anti-botnet initiative

I was reading yesterday that the White House has announced an anti-botnet initiative in order to further its online safety agenda. From Engadget: The White House has been drumming up momentum for tighter internet privacy laws for a while now, and today it’s furthering that online safety agenda with a new initiative for combating botnets….


Has the Zeus disruption affected spam at all?

I’ve written a number of times in the past about which botnets send us the most spam.  Cutwail is always in the top 3. With the Zeus disruption, has this affected Cutwail at all?  Cutwail is not necessarily related to Zeus; as I said in my previous post, online criminals don’t need to spam in…


Microsoft disrupts the Zeus infrastructure

Over the weekend and this morning, Microsoft, working in conjunction with others, issued civil lawsuits to sinkhole numerous domains associated with the Zeus botnet.  When I say “botnet”, I use the term loosely because Zeus is not a botnet in the sense that Rustock or Waledac is (or was).  Rather, Zeus is a tool kit…


Predicting the future of abuse, part 2

Following on from my previous post, what does the future of Internet abuse look like?  Here’s what I think: The proliferation of smaller devices will shift malware away from PCs to phones and tablets Crime will not go away.  The reason criminals started writing botnets for mobile applications is because they are popular with users. …


Predicting the future of abuse

A couple of months ago, I wrote about IBM’s predictions for 2016, and one of those was that there would be no more spam.  As I look around at other predictions about the future, I say to myself “Self, what do I think will be the future of abuse?” The problem is that I am…


How frequently do botnets reuse IP addresses?

I wonder how much botnets reuse IP addresses.  Do they infect a system and spam, get blocked, discard the IP and move onto the next (new) one?  This means that they have a nearly unlimited supply of IP addresses.  Or do they infect a system and spam, get blocked, and then let it go dormant…


Top bots in 2012 so far

Sometimes I read articles about the size of botnets.  For example, this article on Krebs on Security is called “Who’s Behind the World’s Largest Spam Botnet?”  Krebs names grum as the biggest botnet. How is the size of the botnet measured?  There are multiple ways; here are three: Which botnet contains the most distinct sending…


Security News Daily’s Top 10 Stories of 2011

As I was reading stories around the Internet, as per my daily ritual, I stumbled across Security News Daily’s Top 10 Biggest Security stories of 2011, by Matt Liebowitz.  As I went through it, I thought to myself “What the—? Did these guys copy me?”  There’s a lot of overlap there.  It just goes to…


The Top 10 Spam, Malware and Cyber Security Stories of 2011

Well, here we are, the start of 2012.  If you’re like me, you’ve read a bunch of stories online about the top news stories, movies and books of 2011.  But what about the top 10 cyber security stories of 2011?  That’s what I am here for, to give you the rundown! This is a very…


Spam is on the decline; what are the implications?

Previously, I wrote that the total amount of spam that we are seeing has declined significantly over the past year and a half.  What does this mean in real terms?  Are we finally winning the fight against spam? There are multiple angles.  On the one hand, processing spam takes significant system resources: It…
