Mega-D usurps Storm Worm as top spam botnet

Share this article:
Storm Worm is no longer the biggest spam-generating botnet on the block.

The well-known trojan botnet is now just a minor spam source, accounting for only two percent of junk email. Meanwhile, the Mega-D spambot type is responsible for nearly one-third (32 percent) of all unwanted email, according to researchers at Marshal, a U.K.-based messaging security firm.

A year ago, Mega-D, which distributes spam advertising male enhancement pills such as Maxherbal, Express Herbals, Herbal King and VPXL, was disseminating 11 percent of spam, according to Marshal researchers.

“This one bot has already exceeded Storm's records and it has done it quietly without attracting too much attention,” said Bradley Anstis, Marshal vice president of products. “This might signal a new strategy by some of the spam crews to try and draw less attention to themselves through high-profile email campaigns.”

Meanwhile, the Storm botnet, which has used an arsenal of dissemination tactics, had been distributing 20 percent of all global spam last September, according to Marshal.

Likewise, the Pushdo trojan was responsible for 20 percent of all spam last December, but it now distributes only six percent of global junk mail.

Anstis said that Storm may be a victim of its own high profile.

“Microsoft has been targeting Storm with its Malicious Software Removal Tool since September of last year. They claim that they have cleaned around 200,000 computers per week of the Storm bot since then,” he said in a news release. “If that is accurate, it must be a key reason for the decline of Storm.”

The Storm botnet, first seen in January, 2007, claiming to have fresh news about European wind storms, has posed as Valentine's Day greetings and redirected recipients to fake medical sites.
Share this article:

Sign up to our newsletters

More in News

Brazilian president signs internet 'Bill of Rights' into law

Brazilian president signs internet 'Bill of Rights' into ...

President Dilma Rousseff signed the legislation on Wednesday at the NetMundial conference in Sao Paulo.

Android trojan sends premium SMS messages, targets U.S. users for first time

Android trojan sends premium SMS messages, targets U.S. ...

An SMS trojan for Android, known as FakeInst, has been observed sending premium SMS messages to users all over the world, including, for the first time, the United States.

Report: DDoS up in Q4 2013, vulnerability scanners leveraged to exploit sites

Report: DDoS up in Q4 2013, vulnerability scanners ...

Researchers observed 346 DDoS attacks in the final quarter of 2013 and attackers used Vega and Skipfish vulnerability scanners to exploit web flaws at financial companies.