Home / Industry

The Botnet-Counterfeit Drugs Connection

Spam levels have declined dramatically since the March 16 takedown of Rustock, the world's largest botnet, but how long will this victory last? Rustock was responsible for sending almost half of all global spam and up to 44 billion spam emails per day. The spam was mainly emails that linked to websites offering counterfeit pharmaceutical drugs. Since the Rustock takedown, Viagra and Cialis spam emails have declined 75 percent, and security vendors have noted that Rustock has not become active again. The takedown is certainly a positive development, but pharmaceutical brand owners have good reason to remain cautious.

The key reason for caution is that the economics of the counterfeit drug industry suggest a continuation of pharmaceutical spam. One security researcher involved in the Rustock takedown observed that the money the Rustock botnet operators were making from sending pharmaceutical spam "was off the chart." According to an Interpol official, criminals spending $1,000 to make counterfeit medicines can earn as much as $450,000. There is a lot of money flowing between the counterfeit drugs industry and the botnet industry.

This big money means there will likely be replacement botnets or alternative online marketing methods to drive traffic to fake pharmaceutical sites. Cybercriminals may develop new botnets via increased malware infections. Or they may find new ways to drive traffic to fake pharmaceuticals websites. Current botnet operators could also form alliances to take up some of the slack in email distribution after Rustock. The point is there's just too much money at stake for the Rustock takedown to be the last word in pharmaceutical spam.

Post-Rustock, pharmaceutical brand owners should remain vigilant and monitor their brands, especially across websites, business-to-business exchanges, and search engines. An effective online brand protection strategy must address distribution channels as well as promotional touchpoints. Such an approach is the best way to protect customers from being diverted to places on the web selling fake, potentially harmful pharmaceutical drugs.

About MarkMonitor

MarkMonitor

MarkMonitor®, the world leader in enterprise brand protection and a Thomson Reuters Intellectual Property & Science business, uses a SaaS delivery model to provide advanced technology and expertise that protects the revenues and reputations of the world's leading brands. (Learn More)

Related topics: Cybercrime, Malware, Security, Spam

WEEKLY WRAP — Get CircleID's Weekly Summary Report by Email:

Related Blogs

Related News

Topics

Industry Updates – Sponsored Posts

dotStrategy Selects Neustar's Registry Threat Mitigation Services for .BUZZ Registry

24 Million Home Routers Expose ISPs to Massive DNS-Based DDoS Attacks

What Does a DDoS Attack Look Like? (Watch First 3 Minutes of an Actual Attack)

Joining Forces to Advance Protection Against Growing Diversity of DDoS Attacks

Why Managed DNS Means Secure DNS

Rodney Joffe on Why DNS Has Become a Favorite Attack Vector

Motivated to Solve Problems at Verisign

Diversity, Openness and vBSDcon 2013

Neustar's Proposal for New gTLD Collision Risk Mitigation

IT Project Management: Best Practices in Small-Scale Engagements

DDoS Attacks in the United Kingdom: 2012 Annual Trends and Impact Survey

7 Keys to Professional Services Value: A Client-Side Perspective

Neustar Launches Global Partner Program

MarkMonitor Named a Top Trusted Website in OTA's 2013 Online Trust Honor Roll

Neustar Chief Technology Officer Appointed to FCC's Technological Advisory Council

Hope is Not a Strategy: Neustar Releases 2012 Annual DDoS Attack and Impact Survey

How Neustar Technology Can Help Mitigate DDoS Attacks

Reducing the Risks of BYOD with Nominum's Security Solution

Neustar Launches Enterprise Professional Services Offerings

Nominum Releases New Security Intelligence Application

Sponsored Topics