The new MessageLabs report is out from Symantec, and it should come as no surprise that spam continues to account for more than 90% of all email. Most of this, also no surprise, comes from botnets. Here are a few excerpts from the press report: Symantec Corp. today announced the publication of its June 2009 MessageLabs Intelligence Report. Analysis highlights that spam levels were unchanged since May at 90.4 percent largely due to the several hours of downtime experienced by Cutwail, one of the largest and most active botnets, following the shutdown of California-based ISP, Pricewert LLC (also known ... more

The security company Finjan is reporting they’ve uncovered a “one-stop shopping” website for anything a scam artist could need in the way of botnets. Though the article is lacking in detail, in general terms it outlines a pretty scary idea — making it easier for botnet operators to communicate with their “clients.” Which, as I said, is a pretty terrifying concept. Read the whole article, and see what you think: Researchers have uncovered what is said to be a fully-functional marketplace for building and selling botnets. According to security firm Finjan, the site allows for criminals to obtain ... more

Score one for the University of California, Santa Barbara. Earlier this year, online security researchers there successfully exploited a weakness in the Torpig botnet (a.k.a. Mebroot, Sinowal) after reverse-engineering the code, and registered domains the bot used to contact “command centers” to receive updates and new instructions. Because the bot’s creators had neglected to register all the domain names generated by the bot, UCSB was able to outflank it. By doing so, they reaped an enormous amount of stolen data, and in the end was able to get all the other domain names used by the bot ... more

It was only a matter of time. Apple’s Macintosh computer platform has been targeted with what is being variously described as a worm or virus, which has the effect of turning the machines into zombies on a botnet. Luckily, so far it is fairly specific, since it only seems to be coming from a trial version of Apple’s own iWork. Ironically, PCWorld has the details: Over the years, Mac users have been lucky enough that the word “zombie” only conjures up the shambling brain-craving hordes of the undead in movies like Shaun of the Dead, but Windows users ... more

Google recently released a paper detailing a new CAPTCHA scheme it calls “What’s Up?” (the latest in a long string of such schemes), which it feels will defeat programmatic attempts to defeat it, and make it easier for human users to solve the puzzles — based on identifying a rotated picture. But they’re fighting yesterday’s battle. Because human interpreters of CAPTCHAs are now so cheap, the criminals who use them are actually farming them out to cheaper countries to save money. An article on ZDNet sums this up in great detail. Here are just a few excerpts from ... more

The Waledac botnet has added a new refinement, it seems. The spam it sends out is getting craftier, using IP addresses to customize alarming messages purportedly about a local terrorist bombing to entice recipients to download its malware. From TrendMicro, which has full details and screenshots of the problem, comes a sample of these dire warnings: At least 12 people have been killed and more than 40 wounded in a bomb blast near market in (your local town). Authorities suggested that explosion was caused by “dirty” bomb. Police said the bomb was detonated from close by using ... more

This is stunning in so many ways, that you’ll have to excuse the rather long post. The first botnet operator convicted under federal law was just sentenced to four years in jail (as well as the rather laughable fine of only $2,500), and Mahalo, his employer, is still defending the man. First, the basic story from SecurityInfoWatch: The following information was released by the United States Attorney’s Office for the Central District of California: Concluding the first prosecution of its kind in the nation, a man associated with the botnet underground was sentenced late today to 48 months ... more

The game of better mousetraps being beaten by someone designing a better mouse goes on, it seems. Microsoft’s Hotmail, which uses a CAPTCHA for verification, has been broken so many times now it’s getting hard to keep track of them all. Last fall, they rolled out a “new and improved” version of their CAPTCHA, and it has now been cracked. According to PC World: Spammers have cracked Microsoft Corp.’s latest defense against abuse of its Live Hotmail e-mail service using a sophisticated network of hacked computers that receive encrypted instructions from a central server, a security company has ... more

Microsoft has posted the virtual equivalent of a “Dead or Alive” poster in the Wild West of the Internet. They announced last week a $250,000 bounty on anyone who can give them information which leads to the arrest and conviction of whoever is responsible for the “Conficker” worm (also known as “Downadup”). From the “Security Fix” blog at washingtonpost.com, Brian Krebs writes: Microsoft Corp. today said it is offering a $250,000 reward for information that leads to the arrest and conviction of those responsible for launching the “Conficker” computer worm, a threat that has infected millions of Microsoft Windows ... more

Ahhh… the time of year when Cupid’s arrows fly unhindered towards their targets and lovers swoon under a full moon. Also, the time of year when botnet operators go into a frenzy. The basic message to end-users is: beware of those “kiss kiss” Valentine’s Day electronic cards, because they could leave behind a residue harder to get rid of than the average sexually-transmitted disease. This yearly harvest of the unwary has risen to the notice of the mainstream media. From USA Today comes the following: Cyber criminals have begun inundating the Internet with Valentine’s Day-themed spam, bogus ... more