Home / Industry

The Botnet-Counterfeit Drugs Connection

Spam levels have declined dramatically since the March 16 takedown of Rustock, the world's largest botnet, but how long will this victory last? Rustock was responsible for sending almost half of all global spam and up to 44 billion spam emails per day. The spam was mainly emails that linked to websites offering counterfeit pharmaceutical drugs. Since the Rustock takedown, Viagra and Cialis spam emails have declined 75 percent, and security vendors have noted that Rustock has not become active again. The takedown is certainly a positive development, but pharmaceutical brand owners have good reason to remain cautious.

The key reason for caution is that the economics of the counterfeit drug industry suggest a continuation of pharmaceutical spam. One security researcher involved in the Rustock takedown observed that the money the Rustock botnet operators were making from sending pharmaceutical spam "was off the chart." According to an Interpol official, criminals spending $1,000 to make counterfeit medicines can earn as much as $450,000. There is a lot of money flowing between the counterfeit drugs industry and the botnet industry.

This big money means there will likely be replacement botnets or alternative online marketing methods to drive traffic to fake pharmaceutical sites. Cybercriminals may develop new botnets via increased malware infections. Or they may find new ways to drive traffic to fake pharmaceuticals websites. Current botnet operators could also form alliances to take up some of the slack in email distribution after Rustock. The point is there's just too much money at stake for the Rustock takedown to be the last word in pharmaceutical spam.

Post-Rustock, pharmaceutical brand owners should remain vigilant and monitor their brands, especially across websites, business-to-business exchanges, and search engines. An effective online brand protection strategy must address distribution channels as well as promotional touchpoints. Such an approach is the best way to protect customers from being diverted to places on the web selling fake, potentially harmful pharmaceutical drugs.

About MarkMonitor


MarkMonitor®, the world leader in enterprise brand protection and a Thomson Reuters Intellectual Property & Science business, uses a SaaS delivery model to provide advanced technology and expertise that protects the revenues and reputations of the world's leading brands. Learn More

Related topics: Cybercrime, Malware, Security, Spam

WEEKLY WRAP — Get CircleID's Weekly Summary Report by Email:

Related Blogs

Officially Compromised Privacy

The Emotional Cost of Cybercrime

Why I Wrote 'Thinking Security'

Regulation and Reason

In Network Security Design, It's About the Users

Related News


Industry Updates – Sponsored Posts

Verisign Mitigates More Attack Activity in Q3 2015 Than Any Other Quarter During Last Two Years

Verisign & Forrester Webinar: Defending Against Cyber Threats in Complex Hybrid-Cloud Environments

Introducing Verisign Public DNS: A Free Recursive DNS Service That Respects Your Privacy

Faster DDoS Mitigation - Introducing Verisign OpenHybrid Customer Activated Mitigation

Verisign's Q2'15 DDoS Trends: DDoS for Bitcoin Increasingly Targets Financial Industry

Protect Your Network From BYOD Malware Threats With The Verisign DNS Firewall

Announcing Verisign IntelGraph: Unprecedented Context for Cybersecurity Intelligence

The Deep Web and the Darknet - The Nether Regions of the Internet

Introducing the Verisign DNS Firewall

TLD Security, Spec 11 and Business Implications

Verisign Named to the Online Trust Alliance's 2015 Honor Roll

3 Key Steps for SMBs to Protect Their Website and Critical Internet Services

Key Considerations for Selecting a Managed DNS Provider

Verisign Mitigates More DDoS Attacks in Q1 2015 than Any Quarter in 2014

Verisign OpenHybrid for Corero and Amazon Web Services Now Available

Afilias Supports the CrypTech Project - Ambitious Hardware Encryption Effort to Protect User Privacy

Public Sector Experiences Largest Increase in DDoS Attacks (Verisign's Q4 2014 DDoS Trends)

Help Ensure the Availability and Security of Your Enterprise DNS with Verisign Recursive DNS

Verisign iDefense 2015 Cyber-Threats and Trends

What's in Your Attack Surface?

Sponsored Topics