Mega-D Botnet Overtakes Storm, Accounts for 32% of Spam

Stony Stevenson writes "The new Mega-D Botnet has overtaken the notorious Storm worm botnet as the largest single source of the world's spam according to security vendor Marshal. This botnet currently accounts for 32 percent of all spam, 11 percent more than the Storm botnet which peaked at 21 percent in September 2007. It started about 4 months ago but has been steadily increasing since then. It is also using news headlines to trick victims into opening the spam, a technique synonymous with the Storm worm."

imagine what they could do...

[Cyko_01]

...if they were to work together against a common enemy!

Re:Priorities

[causality]

Isn't is nice to see that governments rather go after internet gambling, something that really doesn't dother me at all, and completely ignore spam, something that is really annoying to us, the normal people...

It makes clear, once again, that governments are totally not 2.0-ready. They don't know about how technologies work and how to deal with it.

What surprises me is the benefit of doubt that is always given to those in power. There is much political power to be had by allowing something to become a crisis and then stepping in with "justifiable measures" to address said crisis. This is referred to by various names; the two which come to mind are Problem, Reaction, Solution and the other is Thesis, Antithesis, Synthesis. The idea comes mainly from Hegel although I suspect it's actually older than this.

Really, don't you ever wonder why most "crises" were foreseeable events that were ignored or neglected until they became huge problems? Personally, I am not so quick to assume they just innocently "don't get it." They might or might not understand the technologies involved, but they certainly do understand what millions of people demanding that they "do something right now" can mean for their political careers.

Who cares about the exploiters?

[Idiomatik]

Chasing after security vulnerabilities and hackers is ridiculous. There wouldnt be spam-botnets if you hit the people paying the hackers. Killing a bot or imprisoning a hacker causes a tiny blip. If we charged every company being advertised in the spam the problem would go away. Spam wouldnt be profitable anymore.

Spam? What's that?

[Stochastism]

I don't quite get the spam thing anymore. It's solved. Spam is not annoying any more. Just use one of the big free email providers and you get relatively little spam. Even most corporations do a reasonable job with 3rd party spam filters. Sure, you still get it, but it's not annoying if it's a trickle.

Don't want to use a web interface? No problem, just get the free email service to fetch your mail, then download your filtered email by POP or IMAP. Okay, there's only one provider I know that lets you do that for free, but it probably has the best spam filtering too.

So you say all this spam is clogging up bandwidth? Well I bet it's still nothing compared with the bandwidth consumed by file sharing and video web sites. The economics of spam is changing, with fewer results per email sent, and more jail time per email sent, I reckon you'd have to be nuts to be a spammer these days.

Phishing on the other hand.. now that's bad.

Re:Spam? What's that?

[ScrewMaster]

Spam is not annoying any more.... So you say all this spam is clogging up bandwidth? Well I bet it's still nothing compared with the bandwidth consumed by file sharing and video web sites.

It's not? You might lose that bet.

I bet you've never run a mail server.

I doubt he has either. My bandwidth logs show that several hundred megabytes of crap hits my network every day, and that's just what is allowed past the firewall. I don't really know how much other stuff is coming at my IP, because it's blocked. The amount of spam is really unbelievable, though, and it's pretty much just a continuous unauthorized consumption of my paid-for resources that does me no good at all. I also get unending attacks on my FTP and other remote services, constant port scans and worm penetration attempts. All that does is clog my pipe, and eats ISPs profit margins.

Besides, torrents and video sharing sites are services that benefit the end user. Regardless of whether people like the GP believe that people are paying their ISPs enough for them, they don't claim vast amounts of bandwidth in order to sell a few thousand bottles of fake Viag!ka and make a few dozen people wealthy. The cost/benefit ratio of bit torrent is quite a bit better than that of spam, I'd say.

Re:Spam? What's that?

[SL+Baur]

I don't quite get the spam thing anymore. It's solved. I'll bet that you've never had an important message bounced or misfiled as SPAM and I'm sure you have never run a mail server.

SPAM is the biggest internet problem and has been for a long time and just keeps getting bigger. Whether you see it or not, I guarantee you, you are paying for it.

dumb idea #2

[icepick72]

In the case of a large botnet, instead of each security company trying to compete for user downloads (e.g. Symantec, AVG, Kapersky, Microsoft OneCare, etc) they should all get together, make one free download that specifically targets and eradicates the botnet source on the computer (on any OS) and ensure it gets shoved through all the distrubution channels like Microsoft download, Linux package installers, other tool updates, etc. Maybe the botnet is too complicated for this. I don't know the detials. However I know it's within the software companies' reaches to work together in spcial situations.

Q about the botnet world

[A+nonymous+Coward]

How much of this is just botnets fighting over the same zombies -- how many existing old botnet zombies get taken over by the new botnet?

Heck, how many actual botnet masters are there? Is this just the same people but with new malware? Is this malware just version n + 1 of the old malware? Or do the same botnet masters have several botnets?

I sure don't know much about these in this kind of sense.

Re:Q about the botnet world

You might benefit from reading up on the use of Eggdrop bots within the EfNet IRC network circa the mid to late 90's to get some idea about what such non-centralized networks are capable of accomplishing. I'd venture to guess that there are one or more similar software packages being modified to render the desired results.

I used to participate in operation of one of these botnets in defense of a couple very popular chat channels. There were often multiple networks connected together among groups who had friendly alliances. Features could be added or removed from bots individually. Groups of bots could be sent to retrieve(take-over) a lost channel, or sent into a new channel to help maintain its possession. Bots could monitor activity and provide useful reporting and statistics.

Though I do not recall any specific usage in relation to e-mail, it was certainly well within the realm of the software being used to be able to provide this capability, and we're talking about technology that is nearly 15 years old at this point.

Spam is the government?

[Max_W]

I remember a scandal, when British PM Tony Blair bought 2 apartments for times lower price than the market price.

The deal was handled by his associate, the convicted crook, who was the mastermind behind the Herbalife spam. It made me think...

Spam is responsible for the largest part of the Internet traffic. It should make the spammers most influential people.

They are rich, they have an access to all private information on our computers, they can bring down an infrastructure of any country, they can promote any idea.

Could it be that spammers are taking over the world? That they are behind the nowadays PMs and presidents? Can put and take them off at will?

This theory explains it all. The volume of spam, the spread of bot-nets, the Tony Blair case, the constant growths of spam.