
    As Conficker Turns, Botnets Burn

    By Matthew Hines - April 28, 2009

      So, whatever happened to Conficker?

      Well, it’s still sitting there. And depending on whether you believe that it’s still rotting on 15 million endpoints or more, or as Kaspersky researchers recently estimated, only about 200,000, it’s there. Doing something, or things. Occasionally being used to generate spam-driven malware campaigns, occasionally updating itself.

      Some people think that Conficker was too good for its own good, and spread so quickly that it lessened its eventual punch by raising the hackles of everyone from US-CERT to “60 Minutes.”

      Others think that it’s pretty much done what it was designed to do, which was take advantage of a ton of machines that never got updated with an available Windows security patch from Microsoft.

      But if we are in the end to judge it by its behavior, basically, it’s just your average botnet being used for fairly run-of-the-mill badware and spam distribution. If anything, it’s been acting a little sluggish, compared to other (known) botnets of its class.

      Meanwhile, as everyone’s been scratching their collective chins and wondering what Conficker is built for, other more heavily tasked botnets are cranking away with reckless abandon.

      According to a report issued by botnet researchers at Web gateway vendor Marshal8e6 on Monday, some of the hardest working botnets, including the Rustock and Xarvester networks, are creating individual zombie computers that can send up to 600,000 spam messages in a 24-hour period.

      “Over the past few years, botnets have revolutionized the spam industry and pushed spam volumes to epidemic proportions despite the best efforts of law enforcement and the computer security industry,” Phil Hay, a senior threat analyst at Marshal8e6’s Tracelabs, said in a report summary.

      While Conficker is putzing around trying to find itself, the Xarvester, Mega-D, Gheg, Grum, Donbot, Pushdo, Bobax, Rustock and Waledac botnets are cranking out more than 70 percent of the world’s total spam, the report contends.

      And while infected Web sites have become the primary attack model for malware distributors in recent years, the sites typically rely heavily on e-mail-driven social engineering campaigns to lure visitors into clicking over.

      “The spamming botnets are constantly in flux. Botnets morph, become obsolete, replaced, taken down, and upgraded. One thing is clear, a mere handful of botnets are responsible for the bulk of all spam sent,” the researchers said.

      Over the last three months, the Pushdo (26.1) and Rustock (20.6) botnets alone have accounted for just under 50 percent of all the world’s spam, outranking their peers by a significant margin, Marshal8e6 said.

      The company reported that its data, compiled during the first quarter of 2009, represents two years of observation into the inner workings of the botnets.

      So, let me get this right. We’ve known about Rustock for years, and it’s pounding out nefarious content, we can’t seem to stop it, yet we’re obsessed with Conficker.

      Perhaps we should be measuring the potency of these botnets based on their output, versus measuring their notability by their stature. Because when it comes to which of the attacks is doing the most damage, it seems like that race is already over.

      Matt Hines has been following the IT industry for over a decade as a reporter and blogger, and has been specifically focused on the security space since 2003, including a previous stint writing for eWeek and contributing to the Security Watch blog. Hines is currently employed as marketing communications manager at Core Security Technologies, a Boston-based maker of security testing software. The views expressed herein do not necessarily represent the views of Core Security, and neither the company, nor its products and services will be actively discussed in the blog. Please send news, research or tips to [email protected]
