Botnet controllers are switching to stealth tactics in a bid to avoid detection. Instead of mass mail-outs of spam and malicious code, they are adopting slower distribution tactics in a bid to avoid appearing on corporate security radars.
UK-based web security firm BlackSpider Technologies reports that one huge botnet, responsible for issuing 50m identical spam emails per day, compromises at least 150,000 distinct IP addresses. The use of a large number of machines – each sending out an average of 330 emails a day or around 40 per hour during the course of a working day – is a change from days of yore when a handful of compromised email servers would have been used to do the same job.
It’s well known that packages such as Send-safe.com are used by spammers to control the distribution of junk mail broadband-connected PCs infected by viruses such as SoBig, but BlackSpider’s figures on the mail-out rate from compromised machines add a fresh perspective to the problem.
This is an ever increasing problem. Must read.