Big botnet takedown

The Department of Justice and the FBI took aggressive action against the Coreflood botnet this week. They not only seized domain names and some hardware, they also received permission to actively respond to infected machines. This TRO allows the government to intercept and respond to infected computers. This essentially cuts off the botnet at it’s knees.
I haven’t heard any comments on the impact this takedown had on spam levels, but not all botnets are used for spamming. Other uses are for cracking, hosting scam and phishing websites and denial of service attacks.
This is the second major botnet takedown in recent weeks. These investigations and takedowns consume a lot of resources, but it’s good to see law enforcement getting involved. Filtering only goes so far and receivers can’t keep increasing their infrastructure indefinitely.

Related Posts

More spam graphs

Ken Simpson, CEO of Mailchannels, was kind enough to give me permission to post their graph of spam and email volumes from September 1, 2010 through Jan 3, 2011.

Read More

Spam volumes in 2010

I started hearing various people comment about lower spam volumes sometime in mid December. This isn’t that unusual, spam volumes are highly variable and someone is always noticing that their spam load is going up or going down. The problem is extrapolating larger trends from a small selection of email addresses. There’s too much variation between email addresses and even domains to make any realistic assumptions about global spam volumes from mail coming into a particular address or domain. And that variation is before you even consider that spam filters prevent much of the spam from actually reaching people.

Read More