Mega-botnet Rustock stops spamming

Rustock, the once dominant spam botnet, seems to have been taken out of contention.

Botnet

One of the biggest spamming botnets of all time appears to have stopped spewing out messages, yet no clear explanation has been given as to why.

The Rustock botnet, which was pushing out 47.5 per cent of all spam by the end of 2010, stopped spamming yesterday afternoon around 3pm GMT.

Initial reports emerged on the KrebsonSecurity blog, and both Symantec and M86 Security have confirmed Rustock's decline in spam output.

"It is unclear yet who or what caused the shutdown. It's also possible it has been abandoned," said Phil Hay, lead security researcher with M86, on a blog.

"Whatever the reason, let's hope this one sticks. Previous attempts at botnet shutdowns have tended to be short lived as the botnet herders simply regroup and start again. It's too early to say bye bye Rustock, but the thought is certainly nice."

Rustock output was hit last year when Spammit.com, a partner programme responsible for significant amounts of pharmaceutical spam, was shut down.

Since then other botnets emerged as equally prominent spammers.

"This increase from other botnets means that so far, the takedown of Rustock hasn't had much noticeable effect on the overall amount of spam tracked by MessageLabs Intelligence," said Paul Wood, MessageLabs Intelligence senior analyst at Symantec Hosted Services, on a blog.

"Rustock has gone quiet before, over the last holiday season it stopped spamming for several days but came back as strong as ever. Only time will tell if this will happen again."

Overall spam rose in February, according to data from Symantec, following a lull in activity in the latter half of 2010 and the start of 2011.

Average daily spam volume increased 8.7 per cent in February month-over-month, as spam made up 80.65 per cent of all messages, compared with 79.55 per cent in January.

Phishing spike

Meanwhile, there was a significant spike in phishing last month, with an increase of nearly 40 per cent as hackers jumped on automated tools to help them dupe web users, Symantec said.

Phishing websites created by automated toolkits went up by around 50.33 per cent when compared to January, whilst phishing sites with unique URLs increased by 33.73 per cent.

Little changed from the UK perspective, as four per cent of all phishing attacks emanated from the country the same figure as in January.

There was a notable change in the US though, as phishing attacks originating from the country fell by 10 per cent. The nation still remained the worst offender, however, with a 52 per cent share.

Featured Resources

Shining light on new 'cool' cloud technologies and their drawbacks

IONOS Cloud Up! Summit, Cloud Technology Session with Russell Barley

Watch now

Build mobile and web apps faster

Three proven tips to accelerate modern app development

Free download

Reduce the carbon footprint of IT operations up to 88%

A carbon reduction opportunity

Free Download

Comparing serverless and server-based technologies

Determining the total cost of ownership

Free download

Recommended

Education and government most at risk from email threats
phishing

Education and government most at risk from email threats

26 Nov 2021
Attackers use CSS to fool anti-phishing systems
phishing

Attackers use CSS to fool anti-phishing systems

11 Nov 2021
X-rated phishing attacks just keep growing
phishing

X-rated phishing attacks just keep growing

4 Jun 2021
eBay, Apple, Microsoft, Facebook, and Google were phishers’ top targets in 2020
phishing

eBay, Apple, Microsoft, Facebook, and Google were phishers’ top targets in 2020

20 Apr 2021

Most Popular

What should you really be asking about your remote access software?
Sponsored

What should you really be asking about your remote access software?

17 Nov 2021
What are the pros and cons of AI?
machine learning

What are the pros and cons of AI?

30 Nov 2021
What is single sign-on (SSO)?
single sign-on (SSO)

What is single sign-on (SSO)?

2 Dec 2021