CircleID

A recent study suggests Rustock and Xarvester malware provided the most efficient spambot code, enabling individual zombie computers to send 600,000 spam messages each over a 24 hour period.

"Over the past few years, botnets have revolutionized the spam industry and pushed spam volumes to epidemic proportions despite the best efforts of law enforcement and the computer security industry. Our intention was to better understand the origins of spam, and the malware that drives it," said Phil Hay, senior threat analyst, TRACElabs (a research arm of security company Marshal8e6).

TRACElabs deliberately infected its lab computers and observed the behavior of the bot malware. Researchers looked at what changes it made to the registry, what ports it communicated over and observed how much spam each bot type was capable of sending.

The company's research extended to nine botnets that TRACElabs considered to be the largest spammers or the strongest up-and-comers, including: Xarvester, Mega-D, Gheg, Grum, Donbot, Pushdo, Bobax, Rustock and Waledac. These botnets collectively account for more than 70 percent of the world's total spam volume according to Marshal8e6.

Related Links:
Marshal8e6 Releases New Insight and Analysis into Botnets
One bot-infected PC = 600,000 spam messages a day

Related topics: Cybercrime, Malware, Security, Spam