0
Spam levels have not been dented by a series of strikes against controllers of networks of hijacked computers. Early 2010 has seen four such networks, or botnets, tackled via arrests, net access cutoffs and by infiltrating command systems.
The successes have not inconvenienced hi-tech criminals who found other routes to send spam, say experts. And, they add, despite falling response rates, spam remains too lucrative for criminals to abandon.
In early March, many parts of the command and control (C&C) system for the Zeus botnet were knocked out of action as Cisco and others cut off the Kazakhstani ISP being used to administer it.
The action comes on top of similar success against the Lethic, Waledac and Marioposa botnets in early 2010.
"So as far as impact on spam goes it has been minimal," said Rik Ferguson, a senior security analyst at Trend Micro.
Statistics on spam and botnet numbers in the UK gathered by Trend Micro show that the rates of both have stayed constant despite the growing numbers of successes against these networks of hijacked home PCs.
Victims, typically users of Windows machines, often fall victim via booby-trapped e-mail messages or through websites that slip malware onto computers via software vulnerabilities.
Botnet controllers have shown resilience in recovering swiftly after a shutdown. 2008 saw the close down of an ISP called McColo which provided net connections for many botnets. As a result of that, global spam levels dropped by 70% but it did not take long for junk mail levels to start climbing again.
Similarly, the recent action against the Zeus botnet briefly caused the number of C&C computers behind it dropping by a quarter. Since then, however, numbers have been climbing and the network is closing in on its earlier total.
The problem, say experts, is that those who send spam are not those that run the botnets. As a result, if one botnet disappears then spammers and other hi-tech criminals simply shop around for another.
Source
