Slashdot Mirror

← Back to Stories (view on slashdot.org)

Rustock Botnet Responsible For 40% of Spam

Posted by timothy on from the long-walk-short-plank dept.

angry tapir writes "More than 40 percent of the world's spam is coming from a single network of computers that computer security experts continue to battle, according to new statistics from Symantec's MessageLabs' division. The Rustock botnet has shrunk since April, when about 2.5 million computers were infected with its malicious software that sent about 43 billion spam e-mails per day. Much of it is pharmaceutical spam."

4 of 250 comments (clear)

  1. Re:Question by ScentCone · · Score: 4, Interesting

    it would seem to me that the pharmaceutical companies that benefit from this ... should have responsibility in the computer crimes taking place here

    The overwhelming majority of the "pharmaceutical" ads in questions are fraudulent. They're not actually selling Viagra. They're either selling knockoff placebos, or they're selling nothing at all, because they're just looking for naive suckers to visit a sketchy web site and cough up a credit card number or other details that can be used in identity theft schemes or similar crimes. Merck and the other actual makers of the real products would love nothing more than to shut this crap down.

    --
    Don't disappoint your bird dog. Go to the range.
  2. Re:Oh PAH-LEEEZE by Nemyst · · Score: 4, Interesting

    Your wording seems to indicate contempt. White hats or security experts unfortunately have their hands tied. They probably know how to take down the botnet, but that involves illegal activity. While the criminals are hampered by no such things, the lawful guys are stuck with it: anything they'd do that would be essentially good would get them jailed.

  3. Re:Oh PAH-LEEEZE by Yvan256 · · Score: 5, Interesting

    So, Lone Star, now you see that evil will always triumph because good is dumb. - Dark Helmet

  4. Re:Somebody by tibit · · Score: 4, Interesting

    You know what's really interesting in spam? For spam to pass the content filters, especially those based on statistical models of language, it has to have purposeful mistakes inserted all over the place. In the end, a piece of spam typically looks like if a stoned idiot wrote it. But now it seems that people who author the message in the first place became somehow infected by the stoned idiocy of their own messages.

    A few months ago I went through 300 non-scamming spam messages in my spam folder, and only managed to get to 5, I repeat, 5 payment screens. That means that most spam is pretty pointless: the websites it points to, if they haven't been left out (happens quite often), are mostly broken so that there's no way to actually pass any money to the spammer, even if you try really hard. Sometimes they superficially look like they may work, but when time comes to actually submit a payment, things are very likely to be broken. I have been testing stuff using virtual credit cards available from my bank, with very low limits -- below that of the payment amount. On a working site, you get some indication that the transaction was declined. In most places, though, there would be internal server errors, javascript errors preventing payment submittal, and all other sorts of problems.

    I think that bulk emailing operations are simply around to milk the spammers for money, and only the mailers make any money -- the spammers themselves seem too stupid to get any.

    It's quite hilarious.

    --
    A successful API design takes a mixture of software design and pedagogy.