How Destroying a Botnet Reduced Worldwide Spam By 90% (Have You Seen a Difference?)


Have you noticed a decrease in spam in your email inbox recently? I haven’t, but that may be due to Gmail’s excellent spam filters. According to Symantec, though, worldwide spam has decreased 90% in the last year. How? Two of the world’s largest botnets were knocked offline, accounting for much of the reduction. Those botnets controlled millions of infected computers, sending out billions of spam email messages a day. With the botnets out of the picture, spam has fallen dramatically. Here’s how the botnets were taken offline.

ExtremeTech recently posted a story summarizing how Microsoft and its allies worked to take down the world’s largest botnet, Rustock. A Microsoft blog detailed how Microsoft, working with law enforcement, actually seized the command and control servers that controlled the zombie army. Microsoft then worked with ISPs and a Chinese domain registrar to blacklist the addresses from which the command servers were operating, basically severing the command and control structure from the botnet. Microsoft and some allies are now working with ISPs to clean the Rustock malware from millions of infected machines.

A couple of interesting points taken from the article. The seizures don’t appear to have been done under the auspices of any sort of anti-spam law, but instead were carried out under the guise of copyright enforcement, since the spammers were sending out fake email using the trademarks of Microsoft and other companies. Those “other companies” were some of the allies working with Microsoft, and explain what might seem odd at first blush – Pfizer working with Microsoft. Pfizer was working to protect its own brand.

Have you seen any change in the amount of spam you receive?

Botnet takedowns reduce spam by 90%, but more action needed [ExtremeTech]

Taking Down Botnets: Microsoft and the Rustock Botnet [Microsoft on the Issues blog]

Evan Kline

Hello, I'm Evan. I write about tech from my perspective – that of the average 40-something tech geek. You can also find me on Twitter and at my real-life job as a lawyer.


  1. The Rustock take-down was on March 11. Other spam nets have increased since then.

  2. My ISP email, which has no anti-spam filtering, is getting more spam even after the botnet takedowns. =\

  3. Mostly using Yahoo Mail, but I haven’t noticed any changes in my spam traffic.
    And 90% seems so farfetched… maybe more people would believe them if they just said 5-10%.

  4. Might have felt something at that time.
    It’s difficult to tell since the spam keeps increasing every day, I have a bad habit of subscribing to wrong websites.
    But it’s nice to see it can be done. I used to think spam is something you can’t ever beat.
