Slashdot Mirror


Spam Drops 1/3 After Rustock Botnet Gets Crushed

wiredmikey writes "The Rustock Botnet was sending as many as 13.82 billion spam emails each day before being taken down early this month by an effort headed by Microsoft in cooperation with authorities and the legal system. According to Symantec's March 2011 MessageLabs Intelligence Report, the Rustock botnet had been responsible for an average of 28.5% of global spam sent from all botnets in March. Following the takedown, when the Rustock botnet was no longer cranking out spam by the billions, global spam volumes fell by one-third. For reference, toward the end of 2010, Rustock had been responsible for as much as 47.5% of all spam, sending approximately 44.1 billion e-mails per day, according to MessageLabs stats. Since then, Bagle, a botnet that wasn't even on MessageLabs' top ten spam-sending botnets at the end of 2010, has taken over from Rustock as the most active spam-sending botnet this year."


  1. Impressive by disopaos · · Score: 5, Insightful

    It's really impressive Microsoft was able to do this. They've dropped 33% of the world's spam and they did it all alone. Microsoft deserves kudos for this. Good job MS!

    1. Re:Impressive by Joce640k · · Score: 4, Informative

      "Spam will be a thing of the past in two years' time" - Bill Gates, 24 January 2004.

      --
      No sig today...
    2. Re:Impressive by Evtim · · Score: 3, Insightful

      Excellent! So they can drop all attempts to regulate the bandwidth. After all we just got 30% wider pipe, did we not?

      For those oh so bandwidth hungry mobile devices......

    3. Re:Impressive by postbigbang · · Score: 4, Insightful

      Microsoft's operating system architecture allowed users to have admin privileges, among other architectural mistakes. Defaults were made so that HTML rendering was done by default, as well. Many users were infected because of incompetence-- not by sheer numbers.

      FOSS coders have the same loathing for spam and lack of prosecution that other coders do. That Microsoft has taken down a botnet is laudable. Others ought to join in, too. But first, perhaps online email services ought to acknowledge the role they play in allowing spammers to do their work. Microsoft is one of the good guys here, acknowledging abuse complaints quickly, but others, like AOL and Yahoo, don't even acknowledge a complaint, let alone act on them.

      Botnets are one part of the problem, but even users trying to do their very best get infected. It's less so than before XP SP2+ editions, but there are very few non-Microsoft botnet members out there. Think about that.

      --
      ---- Teach Peace. It's Cheaper Than War.
    4. Re:Impressive by rolfwind · · Score: 2

      Microsoft didn't create any problem to begin with. All OS's with billions of stupid users will get infected.

      Not all OSes are created equal.

    5. Re:Impressive by cpghost · · Score: 3, Insightful

      Since most of those botnet machines are running MS, I'd say, it's about time MS became involved in the fight against spam. The delivery mechanism for all this spam wouldn't exist if it weren't for Microsoft's poor record at building a somewhat secure operating system.

      --
      cpghost at Cordula's Web.
    6. Re:Impressive by DNS-and-BIND · · Score: 2

      Good job! Especially since worm-riddled broadband-connected home computers running Microsoft operating systems were the cause of the spam problem in the first place. An unreasonable man like me would view this as a problem of Microsoft's causing, and by default their responsibility to clean up. Seems as if Microsoft's shoddy programming job allowed the holes to exist in the first place, and they cynically passed the cost on to the rest of us. Sort of like how an amoral oil company should be forced to clean up its oil rig blowout without any special thanks.

      Nah, that's crazy talk. Kudos to Microsoft!

      --
      Shutting down free speech with violence isn't fighting fascism. It IS fascism!
    7. Re:Impressive by aztracker1 · · Score: 2

      It doesn't even take rooting an OS.. though it does help to prevent being removed by AV programs later... a trojan can be installed with user permissions and run by the user's desktop when said user is logged in... It doesn't take root, but helps... on non-windows OSes, most users aren't running any kind of AV scans which would make it easier.

      1. Build Java(cross-platform) puzzle game/clone
      2. Inject email spamming software into the game.
      3. Send billions of spam...
      4. Profit!

      --
      Michael J. Ryan - tracker1.info
    8. Re:Impressive by AJH16 · · Score: 2

      Unfortunately no, since spam didn't take 100% of the pipe.

      --
      AJ Henderson
    9. Re:Impressive by Stunky · · Score: 2

      He was right. Gmail was launched April 1st, 2004.

    10. Re:Impressive by digitig · · Score: 2

      It's not an arrogant assumption of computer nerds -- I make security blunders too. It's a recognition that there's a fundamental mismatch between what the computer is capable of and the fact that it's a consumer durable. If there were no driving test then I bet road fatalities would be higher, but pretty much nothing you could do to the user interface of the automobile whilst still retaining the functionality would fix that. The only solution is to make it so that only those trained and shown to be at least basically competent are allowed behind the wheel. That probably couldn't be enforced for home computers, so the only answers would be to cripple functionality (would work for a lot of users, actually) or take security out of their hands (another current story on /.). The power users wouldn't be happy, though.

      --
      Quidnam Latine loqui modo coepi?
    11. Re:Impressive by jdpars · · Score: 2

      Have you SEEN email spam lately? It's entirely nonsensical. Anyone who clicks on something in one (assuming it makes it past a spam blocker) is an idiot. Spam might as well be gone.

  2. Who cares by afidel · · Score: 4, Insightful

    The organized criminals who are raking in the money are well protected in their home countries so this is essentially a big game of whack a mole until people better protect their computers (good luck with that).

    --
    There are 4 boxes to use in the defense of liberty: soap, ballot, jury, ammo. Use in that order. Starting now.
    1. Re:Who cares by Jahava · · Score: 2

      The organized criminals who are raking in the money are well protected in their home countries so this is essentially a big game of whack a mole until people better protect their computers (good luck with that).

      Agreed, kind of. Users can only do so much, especially when zero-days are frequent targets of vulnerabilities and vendors do lazy and irresponsible patching and damage control.

      We need well-enforced international criminal penalties for both the spammers themselves, as well as the corporations that hire them. Remove the monetary incentive and both the motive and means drop significantly. This also reduces the overall incentive to infect others' machines as a nice side effect.

      What would also be interesting is legislation holding a corporation accountable (to an extent) for damages caused by infections that leveraged their products as a vector. I imagine that would light a fire under Adobe's feet to actually patch responsibly.

    2. Re:Who cares by _|()|\| · · Score: 5, Informative

      this is essentially a big game of whack a mole

      The last couple of times a story like this was posted, I went straight to SpamCop's statistics for corroboration. You're right: the touted decrease in spam is real, but temporary. However, the yearly chart does seem to show a downward trend.

    3. Re:Who cares by damn_registrars · · Score: 2

      so this is essentially a big game of whack a mole until we do something about the economic forces behind spam

      There, fixed that for 'ya. No amount of patching and filtering will make spam go away - ever. Spam will continue to be sent out as long as spammers can make money by sending out spam. The only way we can ever end spam for good is to either make it too expensive to send (which would not be palatable for most users) or take serious steps to interfere with the money train that keeps the spammers paid.

      Everything else is reactionary, futile, or just a feel-good step (or a combination thereof).

      --
      Damn_registrars has no butt-hole. Damn_registrars has no use for a butt-hole.
    4. Re:Who cares by Belial6 · · Score: 2

      It would also destroy the software industry and stagnate it with the few companies that could afford the insurance or were "too large to fail" and making sure that the three companies still producing software didn't do anything new for fear of creating a hole.

  3. Form letter time by DriedClexler · · Score: 5, Funny

    This same old "silver bullet" for spam is yet another lame attempt to solve an intractable problem. Here we go...

    Your post advocates a:

    wait, one third you say??? Holy shit, never mind! Good work!

    --
    Information theory is life. The rest is just the KL divergence.
  4. This is really good news... by Tigger's+Pet · · Score: 2

    Now I can get my spam-bot service up and running with much less competition in the marketplace. Some penis-enlargement companies just don't want to spread their money around.

  5. Re:Agreed, 110%... apk by Anonymous Coward · · Score: 3, Funny

    Don't forget about the spam that contains an /etc/host attachment. Some of them are hundreds of megabytes in size.

  6. Not for long... by damn_registrars · · Score: 4, Insightful

    Sure the spam volume dropped, but anyone who thinks this is anything but temporary is either crazy or an idiot. Naturally as soon as one botnet goes down another one ramps up to take its place; this is exactly what the prime motivating factor behind spam - money - will do to the situation.

    --
    Damn_registrars has no butt-hole. Damn_registrars has no use for a butt-hole.
  7. Re:Unrootable by TaoPhoenix · · Score: 2

    Amiga OS 5!

    "Never heard of it? Precisely!"

    --
    My first Journal Entry ever, in 8 years! http://slashdot.org/journal/365947/aphelion-scifi-fantasy-horror-poetry-webzine
  8. Can't Fix Stupid by Anonymous Coward · · Score: 3, Informative

    Actually, MS is a highly secure OS. It is the users that are not secure. I have hundreds of Windows servers and have been running them for years on the internet. So have many others. They don't turn into zombies. I have had several PCs, all Windows, none of them zombies. I have a sister who has to have every toolbar she comes across and any free software that tells her the weather or whatever. She turns a PC into a zombie in usually a week's time. I have a neighbor, running a Mac, little old lady. Found hers to be running as a zombie. Have a niece and a nephew that are constantly downloading torrents and things, all their PCs zombies. The more amazing thing, you can tell them they are zombies and explain it to them, they just don't care.

    So you really need to put the blame though where it deserves users. While we are at it, I am hoping all the Windows users do go buy Macs. I will let you have those users all you want.

    1. Re:Can't Fix Stupid by rsborg · · Score: 2

      Actually, MS is a highly secure OS. It is the users that are not secure.

      Typical blame-the-victim (btw MS is a company, not an OS).
      Years of Microsoft's poor security practices in the service of extraction of greater profits and margins have led to this situation.

      I have a neighbor, running a mac, little old lady. Found hers to be running as a zombie.

      Let me match your anecdotal evidence with some of mine (equally valuable):
      I have numerous (dozen or more) relatives that have migrated to Mac who prior to the migration would always have some spyware or virus on their Windows system, even a botnet client or two. Post migration, I have yet to hear of any slowdowns, erratic behavior or even systems problems (aside from meatspace issues like wrist pain from computer use, etc). My cousin lost a Mac HD, back in '07 and Time Machine (new back then) didn't save his data.... that's about it.

      The fact that Vista/7 is more secure than XP does little to counteract the habits and ecosystem of malware that exists to exploit people. Everyone I know would rather focus on setting up their backup software and dealing with how best to configure their keyboard than worrying about running MS security essentials (good on MS for that one, btw) or malwarebytes.

      --
      Make sure everyone's vote counts: Verified Voting