Just How Pervasive is Botnet Spam?

by Christopher on May 12, 2011

If you’re aware of key concerns in the fields of anti-spam technology and managed email security, you’ve heard about the threat of your computer being recruited into a botnet via email spam. Malware can be uploaded onto your computer with just one wrong click in a spam message. Some of it secretly hijacks your email account for use in a network of “bot” or “zombie” computers that sends out mass quantities of spam.

To many, this sounds like a remote possibility with a science fiction tinge to it. However, botnets are quite real; they control millions of computers all around the world and send out the vast majority of the global spam in circulation at any given time.

According to the MessageLabs Intelligence 2010 Annual Security Report, an average of 88.2 percent of all spam originated from botnets last year. One botnet in particular, called Rustock, was solely responsible for 47.5 percent of all spam, cranking out an average of 44.1 billion spam emails per day over the course of the year. And while it’s easy to get the impression from much of the writing on the subject that the botnet threat is mostly of concern to people in Asia, Europe, and Africa, the United States is the primary source of infection for the estimated 1.1 to 1.7 million computers acting as Rustock zombies.

Grum, the second largest spam botnet, sent an average of 7.9 billion spam messages a day, or 8.5 percent of 2010’s global spam, using between 310,000 and 470,000 hijacked computers. Last year’s third most significant botnet was Cutwail, which launched 5.9 billion emails a day, on average, and sent 6.3 percent of all spam for the year while controlling somewhere between 560,000 and 840,000 bot computers.

The rest of the top ten botnets of 2010, in descending order of how much spam they sent, were Maazben, Mega-D, Cimbot, Bobax, Xarvester, Festi, and Gheg. In total, botnets were responsible for an average of 71.1 billion spam emails every day last year, in stark contrast to the 21.8 billion daily spam messages sent from non-botnet computers. Up to 5.4 million computers are believed to have been under botnet control in 2010.

While most spam is more nuisance than threat, there was an alarming increase in the amount of malware delivered by botnet-infected computers last year, notes the MessageLabs Intelligence Report. Cutwail was identified as the most significant botnet in this respect, especially with its massive mailings of spam messages containing the Bredolab Trojan.

In addition, the acquisition of medications from unlicensed online sellers is a leading spam-related health and safety concern. According to a January 11, 2011 article in PC World, about 36 million Americans reportedly make such purchases. The majority of spam originating from botnets is pharmaceutical spam, which even made up the bulk of Rustock’s emails last year.

Spam, computer infections, and other threats originating from botnets are far more pervasive and serious than many people realize. If your email account were to be compromised, it would jeopardize everyone whose email address is stored in your account. Addresses in your contacts list, and any your account can auto-complete, will be the first to get spam from your hijacked computer. Messages will arrive seeking to upload malware to their systems in an attempt to recruit them into the same botnet.

This can be an embarrassment, but it can also be damaging when professional contacts start receiving spam from your email address. Of course, your computer will also be transferring any risks associated with the spam, including viruses or potentially harmful content, such as pharmaceutical spam.

Posted in: Email Security
