Back To Microsoft Windows Forum

Spam drops as Microsoft takes down large Rustock Botnet

  • Bigwebmaster
  • Site Admin
  • Site Admin
  • User avatar
  • Joined: Dec 20, 2002
  • Posts: 8925
  • Loc: Seattle, WA & Phoenix, AZ
  • Status: Offline

Post March 22nd, 2011, 9:30 am

Quote:
Today, I’m happy to announce that based on the knowledge gained in that effort, we have successfully taken down a larger, more notorious and complex botnet known as Rustock. This botnet is estimated to have approximately a million infected computers operating under its control and has been known to be capable of sending billions of spam mails every day, including fake Microsoft lottery scams and offers for fake – and potentially dangerous – prescription drugs.


http://blogs.technet.com/b/microsoft_on ... otnet.aspx

The Microsoft led initiative by the Microsoft Digital Crimes Unit is known as Operation b107, formerly Operation b49 which had taken down the Waledac botnet.

I have read around and some claims say as much as 39% of spam has dropped in the last few days, although I am not sure its quite that high. The M86 Security Labs company tracks spam botnets and according to them it looked like at one point The Rustock Botnet may have been responsible for about 60% of spam when it hit its peak last year, in 2010. Since it was shutdown a few days ago it looks like spam levels from the Rustock Botnet were closer to around 5% to 10%. That is still a great achievement, and it looks like they are starting to figure out how to go after these botnets and take them down.

You can learn more about how the Rustock Botnet works here:

http://www.m86security.com/labs/spambot ... rticle=902

Quote:
It is a sophisticated and prolific spamming machine, a leader in terms of spam output. The individual spambots are among the fastest at sending spam that we have observed. Rustock uses a rootkit to hide itself on its host, and changes its spam templates often. It focuses almost exclusively on male enlargement and other pharmaceutical drugs. Most variants of Rustock are not identified by antivirus programs as Rustock, but rather with generic names.


According to that article each infected machine can send 25,000 messages per hour, and estimates according to Wikipidea that anywhere from 150,000 to 2,400,000 machines had been infected and part of the Ruststock Botnet network. Just doing the math you can see that is a great deal of spam!

This is another interesting page which shows how spam has dropped over the last year:

http://www.m86security.com/labs/spam_statistics.asp

India tops the list as the country that sends out the most Spam, followed closely by Russia.
Ozzu Hosting - Want your website on a fast server like Ozzu?
  • Anonymous
  • Bot
  • No Avatar
  • Joined: 25 Feb 2008
  • Posts: ?
  • Loc: Ozzuland
  • Status: Online

Post March 22nd, 2011, 9:30 am

  • ATNO/TW
  • Super Moderator
  • Super Moderator
  • User avatar
  • Joined: May 28, 2003
  • Posts: 23404
  • Loc: Woodbridge VA
  • Status: Offline

Post March 22nd, 2011, 10:29 am

I was reading that on Slashdot last night and was too tired to post it, but I thought that was great!
"There's no place like 127.0.0.1 except for ::1."
Alexandria Networks. Leader in IT consulting for associations/non-profits, and small to medium sized businesses around the northern Virginia and Washington D.C. metro area.
  • AdamC
  • Beginner
  • Beginner
  • User avatar
  • Joined: Dec 16, 2010
  • Posts: 38
  • Status: Offline

Post March 22nd, 2011, 4:21 pm

I'm not a Microsoft fan, but it's impressive that they were able to take down such a complex botnet. A World Wide Web with a little less spam is always a good thing.
  • spork
  • Brewmaster
  • Silver Member
  • User avatar
  • Joined: Sep 22, 2003
  • Posts: 6130
  • Loc: Seattle, WA
  • Status: Offline

Post March 22nd, 2011, 5:49 pm

Bigwebmaster wrote:
According to that article each infected machine can send 25,000 messages per hour, and estimates according to Wikipidea that anywhere from 150,000 to 2,400,000 machines had been infected and part of the Ruststock Botnet network. Just doing the math you can see that is a great deal of spam!


avg(150000, 2400000) = 1,275,000 computers

1,275,000 computers * 25,000 messages = 31,875,000,000 messages per hour

31,875,000,000 messages * 24 hours = 765,000,000,000 messages per day.

765 BILLION messages per day.

:shock: Yikes!
The Beer Monocle. Classy.
  • Zealous
  • Guru
  • Guru
  • User avatar
  • Joined: Apr 15, 2011
  • Posts: 1195
  • Loc: Sydney
  • Status: Offline

Post June 23rd, 2011, 11:10 am

Spork that is some math there but calculate how many computers that are internet enabled mind you we just ran out of ip's so these networks have a lot to cover.

That is just good news for me i get them penis emails every day or 2, i have 1000's in my email box of spam from everywhere and the forum bots are the worst of all. Good to see more spam networks taken down that means less traffic they are chewing up on our servers.

But god dam that is a lot of spam
  • linkbuildr
  • Newbie
  • Newbie
  • No Avatar
  • Joined: Nov 11, 2008
  • Posts: 11
  • Loc: Vancouver
  • Status: Offline

Post June 28th, 2011, 4:06 pm

Wow... 765 BILLION a day? That is absolutely unreal, even though spam presumably has low yields (who seriously falls for it these days?), they must have been making a fortune with a botnet like that.

Page 1 of 1

Post Information

  • Total Posts in this topic: 6 posts
  • Users browsing this forum: No registered users and 223 guests
  • You cannot post new topics in this forum
  • You cannot reply to topics in this forum
  • You cannot edit your posts in this forum
  • You cannot delete your posts in this forum
  • You cannot post attachments in this forum
 
 

© 2011 Unmelted, LLC. Ozzu® is a registered trademark of Unmelted, LLC.