Tag Archives: Grum

Festi Botnet Joins the Big 5

image Symantec’s MessageLabs Intelligence, has just reported that the Cutwail, Bagle, Grum, and Rustock botnets, have been joined by a new botnet – Festi, which now accounts for 3-6% of the daily global spam.

As a percentage this doesn’t sound like an impressive number, but translated into actual spam volume; 1.5 to 3 billion spam e-mails per day globally – that’s impressive. Like all successful botnets Festi continues to grow by adding additional infected (botnetted) machines, to its network.

According to MessageLabs,  Festi is responsible for at least some of the annoying “male enhancement” spam we are all so familiar with.


For information on botnets and how to determine if your machine has been compromised, the following articles should be helpful:

Tech Thoughts: 2 Free Port Checkers – CurrPorts and Process and Port Analyzer

Tech Thoughts: Catch the Bad Bots with Free RUBotted from Trend Micro

PCWorld – Monitor Botnet Threats Your Antivirus Can’t See

If you enjoyed this article, why not subscribe to this Blog via RSS, or email? It’s easy; just click on this link and you’ll never miss another Tech Thoughts article.

Comments Off on Festi Botnet Joins the Big 5

Filed under bots, Don't Get Hacked, downloads, Email, Freeware, Internet Security Alerts, MessageLabs, Software, Symantec, System Security, Windows Tips and Tools

150 BILLION Daily Spams – Who’s Responsible?

Symantec’s latest MessageLabs Intelligence Report – unveiled today – describes in detail who’s responsible for such unprecedented levels of spam.

image Over 150 BILLION unsolicited e-mail messages are being distributed by compromised computers every day, which means that botnets are responsible for approximately 88 percent of all spam out there today.

Recent closures of rogue Internet Service Providers McColo, PriceWert and Real Host have significantly hurt the two biggest botnets of 2009: Cutwail and Srizbi, which at their peak where each responsible for 45.6 percent and 50 percent of all global spam, respectively. Since then, Cutwail has been bumped to the third most powerful botnet and Srizbi has disappeared.

ML Botnets

Here’s a look at how some of the newest botnets stack up:

Grum – the most active botnet, responsible for over 23 percent of global spam. Since June, Grum has increased its output per bot massively, pushing it to the top of the current “worst offenders”.

Bobax – has overtaken Cutwail as a top botnet, and is responsible for 15.7 percent of spam. Previously one of the smaller, less active botnets, Bobax has now quadrupled in size and its output per bot per minute is now the highest MessageLabs has ever seen.

Rustock – the largest botnet of all, with an estimated 1.3 to 1.9 million compromised computers in its control. Rustock has roughly doubled in size since June, but doesn’t have a high output. What sets this botnet apart from the rest is its highly automated cycle of spamming activity: spam from this botnet accelerates from 3am EST, peaks around 7am EST and dies down by 7pm EST.

Mega D – has been losing bots quite rapidly. It is now only one tenth the size it was in June. However, it’s now working its bots harder than ever, 2nd only to the output of Bobax in spam per bot per minute!

Maazben – meet the newest botnet, and one to watch in the future. Currently focused on sending out casino-spam, Maazben first appeared in May and has been growing the number of bots rapidly in recent weeks while keeping its output low.

What else can we expect from these powerful machines and how can businesses safeguard against their threats? You can find additional information on this and other online threats here.

If you enjoyed this article, why not subscribe to this Blog via RSS, or email? It’s easy; just click on this link and you’ll never miss another Tech Thoughts article.


Filed under Don't Get Scammed, Don't Get Hacked, Email, Interconnectivity, internet scams, Malware Reports, MessageLabs, Online Safety, Symantec, Windows Tips and Tools