We use cookies to provide you with a better experience. If you continue to use this site, we'll assume you're happy with this. Alternatively, click here to find out how to manage these cookies

hide cookie message
80,259 News Articles

Botnets make 2007 a bumper year for spam

96% of all email is unsolicited junk

Global spam reached rates as high as 96 percent of all email traffic during 2007. And, according to a report from Commtouch, botnets helped keep spam output at consistently high levels throughout the year.

According to data collected by Commtouch, a security firm that specialises in protecting email, the global spam rate averaged around 80 percent of all email traffic throughout the year.

Although the spam rate dipped to as low as 60 percent in the second quarter of 2007, it spiked back up in the third and fourth quarters, peaking at 96 percent of all email output early in the fourth quarter.

Commtouch says that botnets - which are networks of infected zombie hosts that are used to carry out distributed denial-of-service attacks and massive spam campaigns - were the major culprits behind the spam outbreaks.

The most disruptive botnet, says the firm, was the Storm worm botnet, which researchers estimate contains more than 1 million infected machines. In the fourth quarter of 2007, for instance, the Storm botnet launched an MP3 spam campaign that enticed unwitting users into downloading malware by offering them free music through infected sound files.

See also:

Sexy Christmas spam doubles Storm worm

The firm says that this particular attack accounted for 7 percent to 10 percent of all global spam traffic at its peak.

In addition to its MP3 attacks, the Storm botnet launched a series of holiday-themed spam attacks that included dancing skeleton graphics for Halloween and Christmas emails that enticed users with promises of "sexy girls" who would "give you that special Santa treatment".

Commtouch warns that the Storm botnet has yet to be used to its full potential and that its activity in 2007 "may come to be seen as merely the calm before the Storm compared to what 2008 has yet to bring". Part of the reason that the Storm botnet has been so difficult for security pros to tackle, the firm notes, is that it has an elaborate defence system that aggressively attacks anyone who attempts to reverse engineer it.

Additionally, Commtouch says it is virtually impossible to track down Storm's botmaster, because its command and control is executed through a peer-to-peer network.

"The only effective way to protect against Storm and other botnets is to dynamically detect and block activity from the infected machines, based on identifying zombie IP addresses," Commtouch says. "Only security solutions capable of detecting and classifying malicious activity in real-time are able to provide a barrier against this growing threat."

Get the latest PC security news, reviews and tips & tricks at Security Advisor.


IDG UK Sites

Where to buy iPhone 6 and iPhone 6 Plus in the UK: Launch day price, deals and contracts

IDG UK Sites

Is Apple losing confidence in itself?

IDG UK Sites

Professional photo and video techniques for perfect colours

IDG UK Sites

How (and where) to buy an iPhone 6 or iPhone 6 Plus in the UK. Plus: What to do if you pre-ordered...