[ISN] Spam shows sudden slide

From: InfoSec News (alerts@private)
Date: Tue Jan 09 2007 - 22:12:34 PST


http://www.techworld.com/security/news/index.cfm?newsID=7735

By Matthew Broersma
Techworld
09 January 2007

Worldwide spam levels have mysteriously dropped off over the past week, 
according to managed email provider SoftScan, possibly as a result of a 
major botnet going out of service.

Spam levels continued to rise in December, but crashed by 30 percent in 
the first week of January, SoftScan said on Tuesday. The company has 
seen nothing similar in the past, but believes the most likely 
explanation is that a botnet - a network of compromised machines - has 
temporarily lost control of its client systems.

The results are based on SoftScan's analysis of the email systems it 
scans for about half a million users, mostly international businesses, 
according to chief technology officer Diego d'Ambra.

"This is very unusual. For years spam has just been steadily going up 
and up, and now all of a sudden, levels are similar to where they were 
in the first half of 2006," he told Techworld.

He said a major botnet was almost certainly the cause of the 
fluctuation, since botnets are now the single biggest factor in spam 
generation.

D'Ambra said the Warezov worm - also called Stration - was 
single-handedly responsible for most of the rise in spam in the second 
half of 2006, a feat it achieved through silently invading systems and 
adding them to its botnet. The last few days' fluctuations could be 
related to Warezov, he said.

The only other events that could have had such a significant effect 
might be the Asian earthquake, which could have prevented spam from the 
region, or a mass replacement of infected systems by new PCs received as 
Christmas presents, d'Ambra said.

However, both are unlikely - the drop-off was not instantaneous, as it 
probably would have been if caused by the earthquake, and such an effect 
hasn't been seen in any previous post-Christmas period.

Spam levels remained high at 89.36 percent of all email in December, 
with a low point on 21 December of 84.95 percent.

The company said the extreme levels of spam are likely to prompt 
governments to take a harder line on anti-spam law enforcement this 
year, d'Ambra said.

Virus levels remained low in December, at 0.5 percent of all email 
scanned by the company, but this is largely because virus writers are 
seeking to quietly take control of systems rather than cause disruption.

"The longing for notoriety is a thing of the past," d'Ambra stated.

Sixty-nine percent of viruses were related to phishing, the company 
said.


_____________________________
Subscribe to InfoSec News
http://www.infosecnews.org/mailman/listinfo/isn
 



This archive was generated by hypermail 2.1.3 : Tue Jan 09 2007 - 22:31:19 PST