Clik here to view.
Bredolab botnet infiltrated
I’m a bit behind on writing about this, but last week the Bredolab botnet was infiltrated and shut down by Dutch police. From PC World:A massive takedown operation conducted by Dutch police and...
View ArticleClik here to view.
Rustock goes down (again); if this keeps occurring I’ll be out of a job
If you haven’t heard it yet, Rustock, the world’s biggest botnet, stopped sending spam yesterday, Wed, March 16. I guess they forgot to beware the ides of March:The Register reports the following:Spam...
View ArticleClik here to view.
Microsoft took down Rustock - My own company is going to put me out of a job!
It’s all over the Internet today but as it turns out, the ones who were largely responsible for taking down the Rustock botnet was none other than my employer, Microsoft! I had my suspicions that it...
View ArticleClik here to view.
Who has taken over as the most prolific botnet since Rustock was taken down?
Over at the site V3.co.uk, they have an article up today alleging that since the Rustock takedown two weeks ago, the bagle botnet has moved to take over as the botnet that is responsible for sending...
View ArticleClik here to view.
Rustock – a take down that worked but still part of a larger problem of botnets
I came across this video on Youtube today, a collaborative video between WorldBusiness and Microsoft. They go into the problem of botnets and then have clips and tips from various officials, including...
View ArticleClik here to view.
The distribution of botnets since Rustock went down
I pulled together some statistics on my collection of botnet statistics for the period of time between Rustock being shut down and Wednesday, April 6. I wanted to see the distribution of botnets per...
View ArticleClik here to view.
Has anyone stepped in to fill Rustock’s gap?
It has now been a little over two months since Microsoft and some others shut down the Rustock botnet. Since that time, Rustock has sent us only a trickling of spam and has not resurrected in its...
View ArticleClik here to view.
Solving the spam problem
Last week, I read Ed Falk’s blog post on The Spam Diaries where he commented on a possible solution to the spam problem. He himself was commenting on a study done by researchers out of the University...
View ArticleClik here to view.
New botnet is indestructible / no botnet is indestructible
Computerworld posted a story this week about a new botnet, TDL-4, that is virtually indestructible. It is so sophisticated that it is almost impossible to defeat:"TDL-4," the name for both the bot...
View ArticleClik here to view.
Taking down botnets is good / taking down botnets is bad
Did you ever get the feeling that whenever you read about security topics, you can get opposite viewpoints about the same events?Take shutting down botnets. To most people, shutting them down is a...
View ArticleClik here to view.
Spam is on the decline; what are the implications?
Previously, I wrote that the total amount of spam that we are seeing has seen a significant decline over the past year and a half. What does this mean in real terms? Are we finally winning the fight...
View ArticleClik here to view.
The Top 10 Spam, Malware and Cyber Security Stories of 2011
Well, here we are, the start of 2012. If you’re like me, you’ve read a bunch of stories online about the top news stories, movies and books of 2011. But what about the top 10 cyber security stories...
View ArticleClik here to view.
Security News Daily’s Top 10 Stories of 2011
As I was reading stories around the Internet, as per my daily ritual, I stumbled across Security News Daily’s Top 10 Biggest Security stories of 2011, by Matt Liebowitz. As I went through it, I...
View ArticleClik here to view.
Top bots in 2012 so far
Sometimes I read articles about the size of botnets. For example, this article on Krebs on Security is called “Who’s Behind the World’s Largest Spam Botnet?” Krebs names grum as the biggest...
View ArticleClik here to view.
How frequently do botnets reuse IP addresses?
I wonder how much botnets reuse IP addresses. Do they infect a system and spam, get blocked, discard the IP and move onto the next (new) one? This means that they have a nearly unlimited supply of IP...
View ArticleClik here to view.
Predicting the future of abuse
A couple of months ago, I wrote about IBM’s predictions for 2016, and one of those was that there would be no more spam. As I look around at other predictions about the future, I say to myself “Self,...
View ArticleClik here to view.
Predicting the future of abuse, part 2
Following on from my previous post, what does the future of Internet abuse look like? Here’s what I think:The proliferation of smaller devices will shift malware away from PCs to phones and tablets...
View ArticleClik here to view.
Microsoft disrupts the Zeus infrastructure
Over the weekend and this morning, Microsoft, working in conjunction with others, issued civil lawsuits to sinkhole numerous domains associated with the Zeus botnet. When I say “botnet”, I use the...
View ArticleClik here to view.
Has the Zeus disruption affected spam at all?
I’ve written a number of times in the past about which botnets send us the most spam. Cutwail is always in the top 3.With the Zeus disruption, has this affected Cutwail at all? Cutwail is not...
View ArticleClik here to view.
White House announces anti-botnet initiative
I was reading yesterday that the White House has announced an anti-botnet initiative in order to further its online safety agenda.From Engadget:The White House has been drumming up momentum for tighter...
View Article
