Rustock is the Biggest Spammer
Rustock is today the largest and most productive spam botnet in the world, according to findings reported at the RSA Conference 2011 in San Francisco. The Rustock botnet (founded around 2006) consists of an estimated 250,000 computers; its size is related to its constantly evolving technology.
Joe Stewart, Director of Malware Research at Dell SecureWorks Counter Threat Unit, said that Rustock occupies the first position because its developers are constantly developing and updating the source code, which makes many antivirus products fail to detect the malware.
The interesting point is that most criminals are no longer looking to build large bot networks; instead they try to keep a smaller number of zombies in order to avoid detection by major ISPs. Rustock has employed other novel tactics to stay under the radar:
• Samples with active control servers have been observed waiting for up to five days before spamming
• Rustock control servers run a TOR exit node, likely in an attempt to avoid disconnection by network administrators who might think the abuse is originating elsewhere
• Rustock uses the HTTP protocol for communication with the controller, but disguises the requests as if they are online forum posts with encrypted content
• In an attempt to frustrate takedowns, hostnames associated with the Rustock HTTP communication do not map directly to the IP address of a Rustock controller; instead, the IP address listed in DNS is passed through a custom algorithm to find the true IP address to communicate with.
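The last tactic leaves a trace a defender can look for: a client resolves a hostname, then sends HTTP for that same Host name to an address that DNS never returned. The following is an added detection sketch, not code from the original post or from SecureWorks; the log field names and all sample records are constructed, and it assumes sensors that record both DNS answers and the real destination IP (no forward proxy in between).

```python
from collections import defaultdict

# Constructed sample events, not real Rustock traffic; field names are assumptions.
DNS_LOG = [
    {"ts": 100, "client": "10.0.0.5", "qname": "forum.example.net.", "answers": ["203.0.113.10"]},
    {"ts": 100, "client": "10.0.0.7", "qname": "www.example.org",
     "answers": ["198.51.100.20", "198.51.100.21"]},
    {"ts": 100, "client": "10.0.0.8", "qname": "old.example.net", "answers": ["203.0.113.50"]},
]
HTTP_LOG = [
    # Host header names the resolved host, but the packet goes elsewhere.
    {"ts": 105, "client": "10.0.0.5", "host": "forum.example.net", "dst_ip": "192.0.2.77"},
    # Ordinary request to one of several resolved addresses.
    {"ts": 106, "client": "10.0.0.7", "host": "www.example.org:80", "dst_ip": "198.51.100.21"},
    # DNS answer is older than the lookback window: no verdict.
    {"ts": 9000, "client": "10.0.0.8", "host": "old.example.net", "dst_ip": "192.0.2.99"},
    # No DNS visibility at all for this client and host: no verdict.
    {"ts": 110, "client": "10.0.0.9", "host": "unseen.example.com", "dst_ip": "192.0.2.1"},
]

def normalize(name):
    """Lower-case a hostname and drop any port and trailing dot."""
    return name.lower().split(":")[0].rstrip(".")

def find_dns_http_mismatches(dns_log, http_log, max_age=3600):
    """Return HTTP events whose destination IP is absent from every DNS answer
    the same client received for that Host name in the last max_age seconds."""
    answers = defaultdict(list)  # (client, hostname) -> [(ts, {ips})]
    for d in dns_log:
        answers[(d["client"], normalize(d["qname"]))].append((d["ts"], set(d["answers"])))
    findings = []
    for h in http_log:
        key = (h["client"], normalize(h["host"]))
        recent = [ips for ts, ips in answers.get(key, []) if 0 <= h["ts"] - ts <= max_age]
        if not recent:
            continue  # nothing to compare against, so do not guess
        resolved = set().union(*recent)
        if h["dst_ip"] not in resolved:
            findings.append({"client": h["client"], "host": key[1],
                             "dst_ip": h["dst_ip"], "resolved": sorted(resolved)})
    return findings

if __name__ == "__main__":
    for finding in find_dns_http_mismatches(DNS_LOG, HTTP_LOG):
        print(finding)
```

Hosts-file overrides and DNS answers cached longer than the lookback window produce the same mismatch, so a hit is a lead to investigate rather than a verdict.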
In second place we find the Cutwail botnet with 100,000 bots, followed by Lethic – 75,000 bots; Grum – 65,000 bots; Festi – 60,000 bots; and Maazben – 30,000 bots. The remaining spam botnets, which consist of 5,000 to 30,000 bots, include Asprox, Fuflo, Waledac, Fivetoon / DMSSpammer, Xarvester, Bobax, Gheg and Bagle.
It is now clear that even if we use innovative solutions and the latest security techniques to prevent breaches and criminal communications, botnets will continue to dominate the cyber threat landscape. Botnets can be rented, and they have new and attractive targets, including smartphones and mobile devices.