Rustock remains the most dominant botnet on the spam scene, with spam output that more than doubled since last year, according to new research from Symantec in its annual MessageLabs Intelligence 2010 Security Report. In 2010, Rustock was responsible for more than 44 billion spam emails per day and had more than one million bots under its control. Botnets Grum and Cutwail are the second and third largest respectively, the report said.
Spam rates peaked in August 2010 at 92.2 percent of all email sent when the Rustock botnet was being aggressively seeded by new malware variants and quickly put to use. Overall, spam levels reached 89.1 percent, an increase of 1.4 percent compared with 2009. For most of 2010 spam from botnets accounted for 88.2 percent of all spam.
Also see The botnet hunters
The report reveals how much of an impact botnet activity has on spam levels and how resilient botnets are, even when confronted with a shutdown. The report noted a reduction in spam from botnets after the closure of spam affiliate, Spamit, in early October 2010. After the closure, botnets accounted for 77 percent of spam. But the total number of active bots have already returned to roughly the same number as at the end of 2009, increasing by approximately 6 percent in the latter half of 2010. The total number of botnets worldwide is between 3.5 and 5.4 million, said Symantec officials.
Spammers used subjects related to current events, as well as intriguing questions, to trap victims, said Paul Wood, MessageLabs Intelligence Senior Analyst, Symantec Hosted Services.
"With successful and resilient botnet operations established in prior years, the cyber criminals experimented with many tactics to keep spam campaigns active and fresh this year," said Paul Wood, MessageLabs Intelligence Senior Analyst, Symantec Hosted Services. "From leveraging newsworthy events like the FIFA World Cup to taking advantage of the widespread popularity of URL shortening services and social networks, the spammers deployed a variety of tricks to bypass spam filters and lure potential victims."
One of the most successful security threats of the year was the 'Here You Have' virus, said Wood.