Lethic botnet

The Lethic botnet (initially discovered around 2008[1]) is a botnet consisting of an estimated 210 000 - 310 000 individual machines[2] that are mainly used to send pharmaceutical and replica spam.[3] At its peak the botnet was responsible for 8-10% of all the spam sent worldwide.[1]

Dismantling and revival

Around early January 2010 the botnet was dismantled by Neustar employees, who contacted various Lethic internet service providers in a bid to take control of the botnet's command and control servers.[4][5][6][7] This move temporarily reduced the botnet's spam to a trickle of its original volume.[8]

In February 2010 the owners of the botnet managed to re-establish control over it through new command and control servers located in the United States. The takedown nevertheless decreased the botnet's spam volume: as of February 2010 it was down to a third of its original level.[3] As of April 2010 the botnet has an estimated 1.5% share of the spam market, sending about 2 billion spam messages a day.[2]

References

  1. "Lethic". M86 Security. 2010-01-06. Retrieved 2010-08-28.
  2. "Symantec.cloud | Email Security, Web Security, Endpoint Protection, Archiving, Continuity, Instant Messaging Security" (PDF). Messagelabs.com. 2010-04-04. Retrieved 2014-01-09.
  3. "Lethic is Back in the Game". M86 Security. Retrieved 2010-08-28.
  4. Leyden, John (2010-02-17). "Undead botnets blamed for big rise in email malware; Grave concern over reanimated cyber-corpses". theregister.co.uk. London, UK: The Register. Retrieved 2014-01-09.
  5. Leyden, John (2010-01-13). "Lethic botnet knocked out by security researchers; Zombie network taken down". theregister.co.uk. London, UK: The Register. Retrieved 2014-01-09.
  6. "More Researchers Going On The Offensive To Kill Botnets". DarkReading. Retrieved 2010-08-28.
  7. "Spammers survive botnet shutdowns". BBC News. 2010-03-18. Retrieved 2010-08-28.
  8. "Lethic botnet - The Takedown". M86 Security. Retrieved 2010-08-28.


This article is issued from Wikipedia. The text is licensed under Creative Commons - Attribution - Sharealike. Additional terms may apply for the media files.