AOH :: IS1460.HTM

Penis pill botnet awakens after McColo shutdown

Penis pill botnet awakens after McColo shutdown
Penis pill botnet awakens after McColo shutdown

  This message is in MIME format.  The first part should be readable text,
  while the remaining parts are likely unreadable without MIME-aware tools.

Content-Transfer-Encoding: QUOTED-PRINTABLE

By John Leyden
The Register
8th December 2008

One of the three botnets cut off by the shutdown of rogue ISP McColo is 
back in business. The Mega-D botnet is back on its feet and throwing off 
huge volumes of spam, net security firm Marshal8e6 reports.

The botnet - best known for spamvertising adverts for penis pills - has 
been linked back to a network of compromised zombie PCs through a new 
command and control infrastructure. Analysis of where these systems are 
located is ongoing and neither Marshal8e6 or its competitors are 
prepared to point the finger of blame just yet. What's not in any doubt 
is that junk mail from compromised systems is on the rise.

"Spam from Mega-D has been ramping up over the last few days and reached 
up to 48 per cent of all the spam we captured in our honeypot spam 
traps," according to Phil Hay, lead threat analyst for the Marshal8e6 

The shutdown of McColo last month was accompanied by a huge drop in the 
global levels of junk mail, with spam levels dropping to a third of 
their normal levels. Spam volumes are beginning to return to normal, 
according to security watchers. "Spam volumes are still only about 40 
per cent of where they were in September this year but they have doubled 
since the last week of November, so the spammers seem to be clawing 
their way back,=E2=80=9D said Hay.


Content-Type: text/plain; charset="us-ascii"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
Content-Disposition: inline

Help with a donation! 


Site design & layout copyright © 1986-2014 CodeGods