Slashdot Mirror


Researchers Take Down a Spam Botnet

The Register is reporting on the takedown of a botnet once responsible for 1/3 of the world's spam. The deed was done by researchers from the security firm FireEye, who detailed the action in a series of blog posts. PC World's coverage estimates that lately the botnet has accounted for 4% of spam. From the Register: "After carefully analyzing the machinations of the massive botnet, alternately known as Mega-D and Ozdok, the FireEye employees last week launched a coordinated blitz on dozens of its command and control channels. ... Almost immediately, the spam stopped, according to M86 Security blog. ... The body blow is good news to ISPs that are forced to choke on the torrent of spam sent out by the pesky botnet. But because many email servers already deployed blacklists that filtered emails sent from IP addresses known to be used by Ozdok, end users may not notice much of a change. ... With [the] head chopped off of Ozdok, more than 264,000 IP addresses were found reporting to sinkholes under FireEye's control..."

3 of 207 comments

  1. Wrong title, not 'taken down' by RichardDeVries · · Score: 5, Interesting
    From TFA:

    Only two command servers were found to be located outside the USA. So does it mean that shutting these servers down would result in a complete botnet shut down? Keeping in view Ozdok's multi layered fallback mechanism the answer here is 'no'.

    and

    After seeing all these fallback mechanisms, it doesn't look very easy to kill Ozdok in one go but hurting this beast might not be that difficult.

    --
    Error 001
    Security Scan and Virus Detection do not work with your operating system.
    1. Re:Wrong title, not 'taken down' by RichardDeVries · · Score: 5, Funny

      I agree, of course. However, I was pointing out that the claim the title makes is false. A spam botnet has been taken down when it is permanently disabled. (And the spammers themselves at the least publicly taunted by John Cleese, but that is my personal opinion).

      --
      Error 001
      Security Scan and Virus Detection do not work with your operating system.
  2. Re:And meanwhile... by damn_registrars · · Score: 5, Insightful

    Spam isn't so much an economics problem as a "some people are just dicks" problem

    That statement is accurate only for those who believe that spam is sent out to piss you off. Perhaps the spam you receive is somehow different from the spam that is sent to me? The spam that is sent to my addresses is sent to sell various products or services. And why is the spam sent to sell products? Because someone is paying the spammer to send it.

    Spam is a product that people are willing to pay for.

    Hence spam is an economic problem, because there is economic incentive to send it. Billions or trillions of spam messages can be sent at nearly no cost to the spammer; very little business needs to come from those spam messages to make them incredibly profitable.

    A lot of the problem with spam is the current system we use for email. It was never intended for such widespread use and has little-to-none in the way of authentication or security measures.

    I have yet to see a proposed replacement for the existing email system that actually suggests anything that would make a bit of meaningful difference for spam issues.

    You can encrypt emails for security sure, but it doesn't help get around the problem of spam.

    I agree with you on that. Encryption isn't worth squat in regards to spam.

    --
    Damn_registrars has no butt-hole. Damn_registrars has no use for a butt-hole.