Network Computing is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them. Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

Sturdier Botnets Mean More Spam In 2007

The late-2006 appearance of durable botnets was a tipping point in the back-and-forth battle against spammers, an industry analyst said Friday, who predicted that spam will continue to gain ground on defenses.

Assembled by a Trojan called SpamThru, the new botnets are tougher to bring down, says Paul Wood, senior analyst with MessageLabs, a message security and filtering service. "The advent of Trojans like SpamThru makes it possible for each bot in the net to learn about the location of other bots. When a bot goes down or the command and control channel is compromised, the other bots know about it."

In SpamThru's techniques, if a control server is shut down, the spammer can easily update the rest of the bots with the location of a new server as long as he controls at least one bot in the net. And if a specific bot is shut down, its spam load can be quickly shifted to another, as-yet-undiscovered, bot.

"Until now, it's not been possible to regain control of a [compromised] botnet," says Wood. "This makes botnets much more resilient."

And that, says Wood, is bad news for companies and consumers plagued by a tidal wave of spam since September and October. "In the last few months, certainly from September-October, spam has become much more aggressive."

  • 1