Home : Security : News

Botnet creators return with Bredolab trojan

The authors of the Cutwail botnet are fighting back to get more market share.

By Asavin Wattanajantra, 14 Oct 2009 at 14:11

This month has seen a large surge in spam carrying a trojan called Bredolab, with a security researcher suggesting this was due to cyber criminals trying to regrow the Cutwail botnet.

Paul Wood, a senior analyst at Symantec, said that Bredolab has existed since April and May in relatively small numbers, but its use had dramatically grown in the last month.

Bredolab is a downloader used to “drop” malware on machines and could be used to infect computers to add to the Cutwail botnet.

It was found in attachments coming from spam mail sent by computers under the Cutwail botnet, which has seen its own numbers decrease in the past year due to ISP shutdowns.

The Cutwail botnet decreased from sending around 45 per cent of spam at the beginning of the year to only 11 per cent in September.

Wood said this could mean that the Cutwail malware authors were trying to respread Cutwail to make up for its losses.

“Cutwail is one of those botnets earlier [that] in the year was very large, but it's been overtaken by a number of other botnets," he said.

“There’s definitely some activity to try and increase its coverage," he added.

Email to a friend

Print this page

< Previous Security : News Next >

Be the first to comment on this article

You need to Login or Register to comment.

Latest Security Analysis & Insight

Who to trust after the VeriSign hack?

Davey Winder questions what data was stolen from VeriSign and wonders why the company hasn't been more forthcoming.

More Security Analysis & Insight

Latest Security Reviews

Check Point 2210 Appliance review

Rating:

Check Point's new 2200 Appliances combined enterprise level network security with an SMB price tag. Its software blades provide a wealth of features, but do they complicate deployment? Read this exclusive review to find out.