Undead Mega-D is back in control of the sex spam zombies

Look, everyone knew the day was coming; there is no escaping that fact. It doesn't make it any the less disappointing, but it should hardly be filed under surprise of the year: the Mega-D botnet is back in action.

When the McColo web hosting outfit was taken down last month, I wrote how spammers were in a world of hurt, and oh boy they were.

Taking a single web hosting service out of the equation reduced the volume of spam traffic by as much as 70 percent, with a pretty immediate impact on mailboxes the world over.

A week after the takedown, levels were still way below those experienced before the McColo plug was pulled. But that did not mean that spam was dead.

Still, by all accounts, McColo hosted the command and control infrastructures for three of the most prolific spamming botnets on the face of the planet: Mega-D, Rustock and Srizbi. One security and spam expert, Phil Hay, a lead threat analyst with the Marshal TRACE Team, went as far as calling it "the most significant single event in the fight against spam we have ever seen."

Trouble is, we all knew even then that it was only a matter of time before those command and control servers were relocated and booted back into action. That day, it would seem, has come and so buyers of spam goods can rejoice.

There is no word as to where the servers are operating, geographically speaking, although China or Russia look most likely going by recent reports.

Phil Hay is now telling me that “Spam from Mega-D has been ramping up over the last few days and reached up to 48 percent of all the spam we captured in our honeypot spam traps.”

Mega-D, of course, was perhaps best known for sending billions of spams which promoted sexual performance enhancing drugs. So expect to see a flood of similar spam messages back in your mailboxes now that the zombie PCs have been re-connected to the Mega-D control centre.

"After McColo was shut down, we observed activity indicating that the individuals behind the Srizbi, Rustock and Mega-D botnets were attempting to set up new command and control servers," Hay says, adding, "We saw some activity occurring with the Rustock botnet, but it appears to have gone quiet again. Mega-D is the first of the affected botnets to really bounce back."