Top 3 badboy botnets revealed
By Davey Winder in Editorial
Posted in Blog, Spam, Security, Internet on
If you thought that the McColo shutdown late last year, and the disappearance of Srizbi, meant that botnets were on the run at last, you were wrong. Three months down the road it would seem that spam levels are nearly back to pre-McColo numbers. What’s more, the latest Intelligence Report from Symantec would suggest that a new raft of botnets are largely responsible.
“The potential of these botnets to spam in large volumes is a major concern,” admits Paul Wood, a MessageLabs Intelligence Analyst at Symantec. “Waledac is believed to be the next generation of the infamous botnet Storm,” Wood continues, adding that whilst Waledac malware “was spread at an alarming rate in January, it was dispersing spam in relatively small volumes.” Wood reckons that for the time being the people controlling the botnets are “clearly focusing on growing and developing this new botnet resource rather than using it to spam.”
So what are the top 3 badbot botnets on the block?
1. Mega-D is clearly filling the gap left by Srizbi with the biggest throughput, around 26 million spams per minute on average. It is estimated that each PC infected by Mega-D is sending more than 589,000 mails per day!
2. Cutwail is actually the largest botnet but does not have the same throughput as Mega-D. It averages five million spams per minute, but has the potential to grow considerably.
3. Xarvester is a new botnet on the block and only accounts for less than 5% of all spam, but the throughput rate is high and Symantec reckons it is one to keep a very close eye on for 2009.
The predicted Obama botnet has yet to make any impact on the stats.
Obama gets Googlebombed
By Davey Winder in Editorial
Posted in Blog, Google, Internet on
A few years back, if you searched for ‘miserable failure’ at Google you quite understandably found a biography of George W Bush right at the top of the results heap. This was due to a certain type of prank which enabled people to influence search results for particular keywords. The process and the prank became known as Googlebombing.
Over the weekend it would appear that the new President of the United States, none other than Saint Barack Obama (at least I think he is now officially a saint, seems that way from the media coverage of his election victory) became the latest victim of the Googlebombing pranksters.
If you performed a Google search for ‘failure’ or indeed one looking for ‘cheerful achievement’ then it was the Obama biography page which rose inexplicably to the top. Heck, even the most stern Obama critic would be hard pressed to call his term in office a failure given that he’s been there less than a week!
It would appear that all the links that used to point to the Bush bio for ‘miserable failure’ had been redirected to point at the Obama one when Bush officially left office. The Googlebomb algorithm developed by Google to detect these things is, according to a Google insider, rather resource intensive as it processes the entire web index. As a result, and because Googlebombs are actually pretty rare events, “we tend not to run it all the time.”
Any-hoo, Google has now run the thing and it detected the Obama Googlebomb, which has now been defused. I guess you really shouldn’t misunderestimate how politics can bring out the pranksters.
UFO hacker McKinnon’s extradition delayed
By Davey Winder in Editorial
Posted in Blog, Security, Internet on
It would appear that Gary McKinnon has won yet more time before he gets extradited to the US to face the music on charges of hacking into computer systems belonging not only to NASA but also to the US Army, Navy and Department of Defence. And all of this right after the terrorist attacks of 9/11. The McKinnon legal team has so far used many tactics in their attempt to prevent McKinnon from facing justice US style. We’ve heard how he was allegedly threatened with a Guantanamo Bay military tribunal, although Obama would appear to have knocked that one out of court within days of his inauguration as US President. More recently a different tactic was adopted, one of a willingness to plead guilty to offences under the Computer Misuse Act if prosecuted here in the UK.
For the most part a picture of an alien obsessed nerd has been painted with regards to McKinnon by his legal team. A man suffering from Asperger’s Syndrome, a kind of autism, who merely was intent on getting the proof he knew the US Government was hiding in relation to the existence of aliens and confirmations of UFO sightings.
With time running out, appeals failing and that extradition date looking ever more likely, the McKinnon team have struck it lucky and he may now evade a potential 60 year stretch in a US prison for his activities way back in 2002. For it seems that the High Court has given permission for McKinnon to apply for a judicial review against the extradition decision. This will now take place in the middle of March, leaving extra time for the Director of Public Prosecutions to consider that plea for a UK trial. This has been gathering weight with increasing suggestions that a US trial would not be fair given McKinnon’s mental health.
Indeed, the mental health issue is at the centre of the whole case now. On the 16th March the High Court will have to consider if extraditing someone with Asperger’s Syndrome constitutes torture, inhuman or degrading treatment as defined by the European Convention on Human Rights.
Watch out for the Obama botnet
By Davey Winder in Editorial
Posted in Blog, Spam, Security on
Everyone is getting excited by the upcoming Barack Obama Presidential inauguration. Everyone, including the Obama spammers it would seem. With less than 24 hours to go until the historic inauguration ceremony, the spammers are busy getting malware loaded messages out with headlines promising amazing news that Obama is standing down before stepping up.
Apparently, if the spammers are to be believed, Obama does not want the responsibility of saving a sinking ship and so has decided to refuse to accept the US Presidency. Of course, every message comes with a link promising the official news from the man himself, and which takes the unsuspecting to a cloned version of the Obama campaign website which comes with a few surprises. The main one being the opportunity to get infected with the Waledac botnet.
Such blended threats are nothing new; however, the fact that the whole world is currently reaching something of a climax as far as Obama-madness is concerned is clearly worrying. Given the appetite for any Obama news right now the chances are high that people will let their guards down and the malware in. Waledac is a pretty new botnet, and thought to be the latest creation from the people behind the Storm botnet. It is only a month old, but is continuing to operate in the same way as Storm before it.
“Barack Obama’s inauguration is just one day away. Clearly, there is significant public interest in an event as historic and anticipated as this and the spammers are exploiting it. Spammers have used social engineering ploys like this time and time again to entice spam recipients into clicking on links without thinking. These headlines are designed to catch out recipients by shocking them with the unbelievable,” explained Phil Hay, senior threat analyst for the Marshal8e6 TRACE Labs.
4186 IBM patents - in one year!
By Davey Winder in Editorial
How many new technology ideas did you come up with last year? IBM has just shattered the record for the number of US patents in a single year with more than 4000 of them.
Apparently, IBM has broken the record for the number of US patents granted in a year with 4186 during the course of 2008. This marks the 16th year on the trot that IBM has dominated the US patents process. What is kind of impressive, I guess, is how those numbers stack up against other big players in the tech game. The IBM patents count is just about triple that of HP and, remarkably, more than those granted to Accenture, Apple, EMC, Google, HP, Microsoft and Oracle added together!
The closest competitor was Samsung, with an impressive 3515 patents. Microsoft managed 2030, Intel 1776, Sony 1485 and HP 1424.
But IBM is not stopping there, as it has also announced that it intends to apply the same intellectual property leadership in order to drive both innovation and economic growth by increasing the number of technical inventions published annually by 50 percent to more than 3000. That is, to publish these openly instead of going through the patent process, so they will be freely available to anyone else.
IBM has also revealed that it intends to contribute the advanced statistical and analytical capabilities of IBM Research to a collaborative project in order to develop an “empirical measure of patent quality.” Or put another way, make patents work better by enabling better quality measurement and comparison of issued patents and applications.
“IBM’s leadership in the strategic use of intellectual property is based on balancing proprietary and open innovation,” said Dr. John E. Kelly III, IBM senior vice president and director of IBM Research. “Our goal is helping stimulate innovation as public investments in large infrastructure projects are being planned to boost global economies. We also anticipate that adding additional transparency to the patent system will help tackle the continuing patent quality crisis, which is impeding inventors, entrepreneurs and companies of all sizes.”
As long as none of them were for issuing virtual badges like a recent Amazon one, or even worse the Microsoft patent for Page Up Page Down.
No crisis in IT Security budgets
By Davey Winder in Editorial
Posted in Economy, Business, Security on
Happy New Year, not! So far this month there have been reports of potentially thousands of jobs to go at Microsoft and as many as 20,000 jobs to go at Dell, IBM and Lenovo. These on top of reports from the end of last year which talked about 17,500 jobs being slashed at BT, Sun and Yahoo!
You might excuse me, therefore, for not being particularly upbeat about things when it comes to the economic crisis and the IT business.
However, IT and security professionals are a lot more optimistic, it would seem, when it comes to predictions about their own budgets during the course of this year. At least if what they have been telling Finjan as part of an IT security survey is to be believed.
Finjan conducted the survey amongst some 200 IT and security pros, focusing upon determining trends for allocating IT budgets this year compared with last. Unsurprisingly, it discovered that when it comes to the total IT budgets for 2009 these are reduced compared to 2008. Surprisingly, and thankfully it has to be said, the same is not the case when it comes to that part of the budget dedicated to security.
Here’s what the survey said about security budgets:
- 38 percent do not expect a change in their 2009 budgets
- 34 percent indicated that they expect them to be slightly smaller
- 34 percent expect their IT security budgets for 2009 to go up
- 43 percent expect their IT security budgets to remain the same
“During an economic downturn it is to be expected that all budgets come under scrutiny. Organizations are trying to get the most out of their spending and reduce the Total Cost of Ownership of their IT investments - efficiency being the name of the game,” said Yuval Ben-Itzhak, Chief Technology Officer at Finjan. “While 2008 saw IT security departments facing new challenges in protecting valuable business data against an ever-increasing wave of cybercrime attacks, 2009 is adding a further economic challenge to the mix. As a result, organizations are looking for a comprehensive security solution with low TCO that covers all their Web security needs and is also simple and easy to manage,” he concluded.
HMRC tax website cloned by scammers
By Davey Winder in Editorial
Posted in Business, Data Protection, Security, Internet on
It is that time of year when tax returns have to be filed and payments made. To remind folk of their financial and legal obligations, HM Revenue & Customs (AKA the tax office) have been running a high profile advertising campaign. This uses simple scare tactics to get the message across: file and pay by January 31st or we will fine you £100.
No wonder that the self-employed and small businesses across the UK are getting into a last minute flap to comply. No wonder the phishing conmen have seized upon the annual chaos and confusion to try and scam them out of their valuable financial data.
Yes, it is yet another security warning to kickstart the year. At least this one does not involve Stephen Fry. The Websense Security Labs ThreatSeeker Network has uncovered a sophisticated scam which uses a cloned copy of the official HMRC tax office website, hosted in Denmark and using an identical stylesheet to the real thing, along with convincing email messages to operate the sting.
First comes the email, cleverly advising that the rarest and most treasured of all things, a tax refund, is due to the recipient. “After the last annual calculations of your fiscal activity we have determined that you are eligible to receive a tax refund of £99.23. Please submit the tax refund request and allow us 3-6 days in order to process it.” It appears to come from the tax office, and contains a link back to the cloned HMRC website. Just as clever, once the mark visits the site and inputs the requested data such as name, address and credit card information they get redirected to the real HMRC tax office site.
Of course, there are a number of warning signs to flag up here that even the terminally idiotic should spot:
1. The tax office never takes between 3-6 days to process a refund, 3-6 weeks is more like it.
2. The tax office is unlikely to be refunding your overpayment into a credit card account, so why ask for this information?
3. The tax office sends good old fashioned printed letters with details of refunds, and payments due. I cannot recall ever having received a single email from HMRC in some 20 years of being self-employed.
Is Windows 7 a security timebomb?
By Davey Winder in Editorial
Posted in Windows, Microsoft on
We already know a lot about Windows 7, mainly because details of the new Microsoft OS have been leaking like crazy for the past four months. We know it will scale to 256 processors and could well feature some kind of instant on functionality. We know that it is unlikely to be the death of XP although Vista is a different proposition.
We know that some people have already got a legit free copy and that a beta is due real soon now. We also know that a pirate version of Windows 7 is doing the rounds as a Torrent from the likes of Pirate Bay.
We know that many people will be tempted into downloading this to take a sneak peek at the new OS, and we also know that this is a very bad idea. Funnily enough, we are not alone in reaching this conclusion, and Rob Rachwald of Fortify Software has pretty much the same reasoning as we do.
Look, forget for a moment the whole software theft, copyright issues, breaking the law stuff. What worries Rachwald, and us, is the fact that you could be opening yourself up to a whole slew of security risks by installing something as low level as an OS when that OS is not even an official Beta but rather a dodgy copy downloaded from a pirate site.
“Reports suggest that pirate versions of an early build of Windows 7, which is under alpha test with developers, is available for file-sharing on the Internet. Given the low level at which this operating system installs on a PC, we recommend users give the version a very wide berth because of the associated security risks,” Rachwald says.
But it seems the message is not getting through, and there are unconfirmed reports that many tens of thousands of people have downloaded and installed Build 7000 of Windows 7 from Torrent sites, all with no idea if the build has been tampered with by hackers in some way.
What we do not know is just what malware might be hiding in the close on 2.5 Gb of download.
Not to mention the small matter that, as Rachwald warns, “It’s highly unlikely that any IT security application will protect the new operating system from internally-coded malware, so the fall-out from trying an unofficial version of the new operating system could be quite severe.”



