Application security, Malware

Spam, after a holiday hiatus, returns in earnest

The holiday break appears to have ended for those behind the world's largest spamming operation.

The Rustock botnet, dubbed the largest source of global spam, has resumed activity after a two-week hiatus during which time spam amounts drastically fell, according to security researchers at Symantec.

On Christmas day, the botnet went quiet, but on Monday the botnet resumed operations and once again began distributing pharmaceutical spam. According to security firm NetWitness, the messages are attempting to push Viagra from "shady" sites ending in the .ru domain.

The messages are being sent with subject lines such as "Dear [username] -80% now," security researchers from Symantec Hosted Services wrote in a blog post Monday The messages direct users to click on a link that takes them to a fraudulent website called "Pharmacy Express."

Researchers believe the botnet is poised to quickly return to pre-Christmas spam output levels.

“While levels of Rustock output appear marginally lower than before Christmas, we see no reason they won't reach those previous levels again, bringing global spam levels back up to the approximately 90 percent levels [off all emails] we had become so used to,” Symantec researchers said.

Meanwhile, spam output from two other major botnets, Xarvester and Lethic, also declined during the holiday season. Xarvester also since resumed delivering junk mail after its short break, which began on Dec. 31.

Get daily email updates

SC Media's daily must-read of the most current and pressing daily news

By clicking the Subscribe button below, you agree to SC Media Terms and Conditions and Privacy Policy.