http://www.theregister.co.uk/2008/12/08/mega_d_returns/ By John Leyden The Register 8th December 2008 One of the three botnets cut off by the shutdown of rogue ISP McColo is back in business. The Mega-D botnet is back on its feet and throwing off huge volumes of spam, net security firm Marshal8e6 reports. The botnet - best known for spamvertising adverts for penis pills - has been linked back to a network of compromised zombie PCs through a new command and control infrastructure. Analysis of where these systems are located is ongoing and neither Marshal8e6 or its competitors are prepared to point the finger of blame just yet. What's not in any doubt is that junk mail from compromised systems is on the rise. "Spam from Mega-D has been ramping up over the last few days and reached up to 48 per cent of all the spam we captured in our honeypot spam traps," according to Phil Hay, lead threat analyst for the Marshal8e6 TRACElabs. The shutdown of McColo last month was accompanied by a huge drop in the global levels of junk mail, with spam levels dropping to a third of their normal levels. Spam volumes are beginning to return to normal, according to security watchers. "Spam volumes are still only about 40 per cent of where they were in September this year but they have doubled since the last week of November, so the spammers seem to be clawing their way back,” said Hay. [...] _______________________________________________ Help InfoSecNews.org with a donation! http://www.infosecnews.org/donate.htmlReceived on Tue Dec 09 2008 - 00:19:19 PST
This archive was generated by hypermail 2.2.0 : Tue Dec 09 2008 - 00:39:20 PST