How Destroying a Botnet Reduced Worldwide Spam By 90% (Have You Seen a Difference?)
Have you noticed a decrease in spam in your email inbox recently? I haven’t, but that may be due to Gmail’s excellent spam filters. According to Symantec, though, worldwide spam has decreased 90% in the last year. How? Two of the world’s largest botnets were knocked offline, accounting for much of the reduction. Those botnets controlled millions of infected computers, sending out billions of spam email messages a day. With the botnets out of the picture, spam has fallen dramatically. Here’s how the botnets were taken offline.
ExtremeTech recently posted a story summarizing how Microsoft and its allies worked to take down the world’s largest botnet, Rustock. A Microsoft blog detailed how Microsoft, working with law enforcement, actually seized the command and control servers that controlled the zombie army. Microsoft then worked with ISPs and a Chineese domain registrar to blacklist the addresses from which the command servers were operating, basically severing the command and control structure from the botnet. Microsoft and some allies are now working with ISPs to clean the Rustock malware from millions of infected machines.
A couple of interesting points taken from the article. The seizures don’t appear to have been done under the auspices of any sort of anti-spam law, but instead were carried out under the guise of copyright enforcement, since the spammers were sending out fake email using the trademarks of Microsoft and other companies. Those “other companies” were some of the allies working with Microsoft, and explain what might seem odd at first blush – Pfizer working with Microsoft. Pfizer was working to protect its own brand.
Have you seen any change in the amount of spam you receive?
Taking Down Botnets: Microsoft and the Rustock Botnet [Microsoft on the Issues blog]