This drop in spam was mainly due to the impact that the shutdown had on controllers of six major botnets, including...
By submitting your personal information, you agree that TechTarget and its partners may contact you regarding relevant content, products and special offers.
one of the world's largest, Srizbi. Experts put the size of this botnet at around 500,000 machines and estimated that is supposedly capable of sending around 60 billion spam messages a day -- more than half of the global total. Interestingly, one reason for the initial spam decrease was that a number of emails were discarded because they were sent to non-existent addresses dropped to a fraction of its usual level. This could mean that levels of other spam email were still relatively high.
Sadly, spam levels have slowly crept back up. By January, MessageLabs Inc. reported spam volumes at about 80% of pre-McColo takedown levels; Symantec Corp.'s April 2009 spam report said that volumes were, in fact, back to pre-takedown levels. Google has also reported similar findings based on the millions of inboxes it manages. This fall and rise of spam after a takedown demonstrates a common pattern; when another ISP, Intercage, for example, was taken down, it created only a brief decline in spam activity as botnet controllers simply found new "unscrupulous" providers.
However, following the McColo shut down, it does appear that controllers are adopting new strategies to avoid a similar hit on their operations. One tactic is to not run their botnets at full capacity, which avoids exposing a new ISP as a target. Some are even using peer-to-peer technology to send instructions between computers rather than having a single command-and-control computer communicate with all of their bots.
Obviously, the takedown of McColo was a good thing, even though the reduction in spam was only temporary. It took spammers only four months to get their botnets back up and running. Worryingly, there's now a rise in the amount of spam with malware attached. McColo was a small victory, but the war is still very much ongoing. With 85% of all email traffic thought to be spam, we certainly need more victories.
Dig Deeper on Email and Messaging Threats-Information Security Threats
Related Q&A from Michael Cobb
Many users of the file-sharing website Docs.com were unaware that the sensitive data they uploaded was searchable. Expert Michael Cobb explains how ...continue reading
The libpurple library contains a code execution vulnerability that affects the IM clients that were developed using it. Expert Michael Cobb explains ...continue reading
The ReBreakCaptcha exploit can bypass Google's reCAPTCHA verification system using flaws in Google's own API. Expert Michael Cobb explains how the ...continue reading
Have a question for an expert?
Please add a title for your question
Get answers from a TechTarget expert on whatever's puzzling you.