Home · Security · Spammers sought after botnet takedown

Spammers sought after botnet takedown

The Rustock botnet, which sent up to 30 billion spam messages per day, might have been run by two or three people.

Early analysis, following raids to knock out the spam network, suggest that it was the work of a small team.

Rustock was made up of about one million hijacked PCs and employed a series of tricks to hide itself from scrutiny for years.

Since the raids on the network's hardware, global spam levels have dropped and remain relatively low.

Net gains

"It does not look like there were more than a couple of people running it to me," said Alex Lanstein, a senior engineer at security firm FireEye, which helped with the investigation into Rustock.

Mr Lanstein based his appraisal on familiarity with Rustock gained whil

He said that the character of the code inside the Rustock malware and the way the giant network was run suggested that it was operated by a small team.

That work by FireEye, Microsoft, Pfizer and others culminated on 16 March with simultaneous raids on data centres in seven US cities that seized 96 servers which had acted as the command and control (C&C) system for Rustock. More...

03-27-2011 18:30