Spam Levels Holding Steady Despite Botnet Takedown
You cannot stop spam email; you can only hope to contain it. Frankly, even hoping for that is probably a little bit of wishful thinking. It’s been just more than a month since the much ballyhooed takedown of the Grum botnet, a network of infected computers was estimated to be responsible for about one sixth all the cheap Viagra ads you have ever seen. (It’s not just me getting those, right guys? Right?) So what affect has the takedown of one of the biggest spam delivery systems in the history of the web had on the amount of spam that actually hits your inbox? Absolutely none, it would seem.
When the security pros at FireEye teamed with governments around the world last month to takedown the Grum’s command and control servers, the system was reportedly sending out about 18 million spam messages every day. Taking it down was supposed to free Internet users the world over from the yoke of spam email forever — well, kinda. But it was certainly supposed to put a dent in the number of spam messages that get sent out, plying us with promises of free money, cheap drugs, and beautiful women who apparently cannot wait to meet us.
So it’s pretty disappointing that, according to Security Week, the volume of spam oozing into Inboxes worldwide hasn’t so much as budged since last month’s act of cyber-heroism. One of the reasons is that Grum’s size may have actually worked against it, meaning that the big, bad, botnet was not as effective at the time of its takedown as it had been in its heyday. Being so well known, the 100,000 or so computers that made up Grum were easy to blacklist or filter.
The bad news here might not be that spam traffic — which is actually down since 2008, not that you’d probably notice, as rates are still very high — has recovered, but that it recovered so quickly. Within a week of the takedown of Grum’s last server, based in Ukraine, analysts saw a return to pre-takedown levels. It’s not yet known who the main culprits behind the new waves of spam are, though the likely suspects are smaller, more agile botnets that are easier to manage and more difficult to trace.
There is at least one small bright side here. We can rejoice that while the Grum takedown was laughably ineffectual, at least security experts didn’t show their hand to any of those new botnets, alerting them to mistakes that made Grum more vulnerable as they crowed about their big win.
Wait. Wait…Ah, crap.
(via Security Week)