Spam Flood Unabated After Bust
AcidAUS writes "Last week's bust of the largest spam operation in the world has had no measurable impact on global spam volumes. The spam gang, known by authorities and security experts as HerbalKing, was responsible for one-third of all spam, the non-profit antispam research group Spamhaus said." The article speculates that the operators of HerbalKing simply passed on to associates the keys to the automated, 35,000-strong botnet, and the spam flow didn't miss a beat.
Spam is still profitable (Score:4, Interesting)
Re:Another theory... (Score:4, Interesting)
"Hey, I got an idea, if we get caught let's make sure something happens that gives us an even longer prison sentence!"
Marked reduction here (Score:4, Interesting)
Maybe most of my spam originated on their botnet. My dSPAM fourteen-day analysis shows my incoming spam rate has dropped to less than half the level of a week ago.
Note, I'm not complaining.
Cheers,
Dave
Re:And another (probably more accurate) idea is: (Score:3, Interesting)
> Would be nice to see something legally happen to them, as well. Seriously, if one pulls
> a number out of their ass, no matter what side of the fence they are on, they should be
> held accountable for lying at the least (publicly shunned on their "stats" in the
> future), libel, to out and out fraud.
So sue them for the damage they did to you.
that's one possibility (Score:5, Interesting)
If they sent the keys to that botnet via email.
That is an interesting idea, but what would be the incentive for spammers to cooperate?
I suspect it is more likely that the systems in their botnet - of which many are compromised Windows PCs - were re-compromised by someone else's worm and are now doing someone else's botnet work.
Re:that's one possibility (Score:5, Interesting)
Either that or they had a queue of spam that needed to be sent and it's still flushing it out.
Re:Solution (Score:2, Interesting)
Did you come up with this on your own or did you find it somewhere? I think it's:
(X) Funny (X) Unfortunately true
Re:Another theory... (Score:4, Interesting)
Why wouldn't it just keep on churning out the spam it has until given new stuff?
Because the life expectancy of a given spammed domain is on the order of several hours now, even with fast-flux DNS tactics, and professional spammers certainly understand that. There's no reason to expect that botnets are given a "spam this until otherwise instructed" order; instead, evidence points to very specific commands from botnet operators to mail each campaign for X site to Y addresses over Z period of time. There are screenshots out there of popular spam/bot controller interfaces. Besides, if the botnet operators have been busted, we have to presume that access to their C&C (and the ability to shut down the botnet) was part of a plea bargain.
I've mentioned this anecdotally to friends and coworkers over the past week, but apparently I'm not the only one to notice: after the bust, spam volume has remained steady. Claims that this group was responsible for a third of all spam appear to be sorely overrated.
No spam for 5 days. (Score:3, Interesting)
Re:Notice there are no more illegal drugs for sale (Score:2, Interesting)
Spammers also like to masquerade as legitimate advertising outfits. It used to be the one spamming was also flogging the bogus product. Now the spambot herds are a resource to be rented and the spammers could care less whether any product moves or not. The only credit card they are interested in is the one that pays them for doing the spam runs.
Following the money will still work in this instance but you likely won't be punishing the spammer. Rather, you'll punish the one who hired the spammer either because they didn't understand the nature of the "marketing campaign" they contracted for or just didn't care. I'm not sorry for them in any case. It's called due diligence. Well, I'd go light on them IF a spambot herder gets his hide nailed to a wall.