Botnets Rebuild Forces After Rustock Raid

After the Feds and Microsoft in March chopped off the head of the hydra that was the 1-million-strong “Rustock” botnet, responsible for sending billions of spam messages, several heads have sprung up in its place. PC World notes a Symantec report of a 24% jump in emails containing malicious links and attachments, possibly representing an attempt to regrow the forces of zombie-controlled computers and fill the void left by Rustock.

A botnet is a series of computers infected with code that lets them be controlled remotely, often for the sending of spam.

This is why it’s important to never open files or links emailed to you by people you don’t know, to be careful even when you do know the person, and to scan any file you do download before opening it. Make regular virus and malware sweeps of your computer and keep up to date with all the latest security updates.

By the way, what does a botnet look like? Check out this cool interactive map and learn about their elegant architecture and the “Star of C+C.”

Botnets Rebuild After Rustock Takedown [PC World]



  1. dush says:

    A cool interactive map that installs a botnet hook?

  2. Lyn Torden says:

    Flash is also an attack vector for botnets like this. I don’t know if these guys have used that, but some have in the past. And Flash continues to have security issues. So it’s not just email to be concerned with. Be careful where you visit.

    • dangermike says:

      I have a suspicion that Acrobat is the biggest route of entry. The last few times I’ve caught malware on the web was through following links on Google News to articles which stalled while loading PDFs presumably hidden in the page’s ads. I’ve never found positive confirmation. The last two computers I have purchased were Windows 7 based and neither has had Adobe’s Acrobat Reader and neither of them (after about 15 months of use) has been compromised to the best of my ability to tell. I’ve also gotten into the habit of turning off JavaScript if I suspect I’m browsing toward something potentially dangerous.

  3. Hungry Dog says:

    Unfortunately, even with training and PSAs, people will still open these files without thinking.

    • Bunnies Attack! says:

      Heh, people actually thinking would be a nice change. Wasn’t there a story on here not too long ago about the president for Xbox Live sending out an email to be careful of spammers and attaching a sample email… then receiving people’s login names and passwords back?

  4. John says:

    If you have any doubt as to the foolishness of people, log into Facebook and look at the people who are showing: [1] top 5 people who look at my profile; [2] what I will look like when I get old; or [3] I got my free iPad you can too. These people are ALL people who will click on a link in an email.

  5. RiverStyX says:

    That interactive map is very user-unfriendly.

  6. Megalomania says:

    Best way to avoid malware (assuming you run Windows):

    -Connect to the internet through a router and not directly
    -Install Microsoft Security Essentials (the 1st party virus scanner for Windows)
    -Reinstall every few months

    Amusingly, Microsoft isn’t allowed to include MSE to be installed with Windows due to complaints from 3rd party security vendors. The arguments are very similar to the anti-IE bundling lawsuit, but it really shows you how fucked things are when they aren’t allowed to increase the security of their OS lest someone else lose business.

    • Craige says:

      I don’t consider anti-virus as “increased security”. Anti-virus is something that is needed due to poor security.

      I’m not bashing Windows. I just don’t agree with the philosophy that running anti-virus is the answer to security. It’s more of an afterthought, really.

  7. Happy Tinfoil Cat says:

    Modding servos for continuous rotation = botnet rebuilding because roBOT and BOTnet both have ‘bot’ in their names.

  8. zappo says:

    I get an average of a couple of dozen or more real “spam” messages daily -vs- junk mail, spam being email for various nefarious purposes, junk email just being from places I shop, like Amazon or Costco. Spam did go down dramatically for a few days recently but is now moving back up to normal volumes. I have a good paid-for (and not in the cloud) spam filter IMO, (Spambully) with Outlook, and that keeps spam out of the Inbox and unopened, which is important. I attribute the spam to having the same email address for 10 or more years and having it sold or stolen; it’s a common problem. Interestingly, after that big security breach at Epsilon, I have started to get spam that makes it by my filter, indicating that my email address is being used by a totally new spammer. The bots are spooky; I have all the traditional shields in place and still wonder if I will get infected someday by something totally new.