Critical.
Authoritative.
Strategic.
Subscribe to CIO Magazine »

Rustock botnet goes quiet, reason for takedown unclear

Rustock has gone quiet and security analysts aren't sure why

Notorious spam botnet Rustock has gone quiet and security analysts aren't sure why.

Researchers with Symantec's MessageLabs Intelligence, citing a Brian Krebs post on KrebsonSecurity, said the botnet ceased sending spam around 15:30 UTC, on March 16th.

Late last year Rustock still remained the most dominant botnet on the spam scene, with spam output that more than doubled in one year, according to MessageLabs Intelligence. In 2010, Rustock was responsible for more than 44 billion spam emails per day and had more than one million bots under its control and accounted for as much as 47.5 percent of all spam.

More about botnets

"At its peak it was responsible for more than half of all global spam," said MessageLabs Researcher Paul Wood. "However, in the last few months, other botnets have been steadily increasing their output to match, or even exceed, that of Rustock."

The increase from other botnets means that so far, this recent takedown of Rustock hasn't had much noticeable effect on the overall amount of spam tracked by MessageLabs Intelligence, said Woods.

"So far, in fact, traffic looks normal," he said.

Woods said it's unclear if the takedown or closure will be permanent. Rustock has gone quiet before, over the last holiday season it stopped spamming for several days but came back as strong as ever, he noted. If this current stoppage is the result of a coordinated takedown it would be the largest take down of a bot network to date.

Read more about data protection in CSOonline's Data Protection section.

Join the CIO Australia group on LinkedIn. The group is open to CIOs, IT Directors, COOs, CTOs and senior IT managers.

More about: etwork, MessageLabs, Symantec
References show all

Comments

Post new comment

The content of this field is kept private and will not be shown publicly.
Users posting comments agree to the CIO comments policy.
Login or register to link comments to your user profile, or you may also post a comment without being logged in.
Related Coverage
Related Whitepapers
Latest Stories
Community Comments
Tags: antispam, applications, Bagle, botnet, data protection, Intel, messagelabs, rustock, security, software, spam, symantec
Latest Blog Posts
Whitepapers
  • Bend or break: Flexible Policy
    DON’T. PANIC. Aligning business and IT needs has always been a challenge. Finding the right balance between ensuring the safety of sensitive data and enabling the free flow of information is increasingly difficult in today’s evolving regulatory and threat environment. Read on.
    Learn more »
  • Oracle Exadata Database Machine Warehouse Architectural Comparisons
    Exadata is Oracle’s fastest growing new product. Much of the growth of Exadata has come at the expense of specialized data warehouse appliance vendors. These vendors have published competitive comparisons to Exadata, claiming: Architecture is what really matters for performance, Purpose-built data warehousing architectures perform best, They see architecture as an end in itself rather than as a means to an end. Read on.
    Learn more »
  • 5 Best Practices for Achieving Peak Performance in SAP Environments
    Given how deeply businesses rely on their SAP systems, it’s simple to see that maximizing performance and uptime is critical. What’s not so simple is figuring out how to understand, let alone optimize, performance in these complex, dynamic, and interrelated ecosystems. This paper offers five best practices that can help administrators more effectively measure and improve SAP performance.
    Learn more »
All whitepapers
rhs_login_lockGet exclusive access to Invitation only events CIO, reports & analysis.
Recent comments