0 Replies Latest reply on Feb 20, 2008 9:49 AM by HarryWaldron

    Ozdok/Mega-D Botnet - May be generating 30% of all spam world-wide

      Based on testing and extrapolation of spam sampling results, this new 35,000 member botnet may be generating up to 30% of the spam email sent world-wide. While the Storm Worm still has far more spam producing capabilities, it can fall into periods of silence based on controls issued by the malware authors. This botnet should be followed closely as it's most likely in second place when it comes to world-wide spam generation.

      http://www.secureworks.com/research/threats/ozdok/?threat=ozdok
      http://www.marshal.com/trace/traceitem.asp?article=510

      QUOTE: Last week the TRACE research team at Marshal put forth some statistics regarding spam activity from botnets. The statistics pointed to a botnet dubbed "Mega-D" as the new leader of the spambot pack, spewing 32% of the world's spam according to Marshal's spamtraps. This set off a firestorm of speculation: what family of malware was behind this previously unknown botnet? How had it emerged to challenge Storm with hardly a mention in any research articles or press?

      Based on the number of bots connecting to mail servers we monitor, we estimate that Mega-D consists of around 35,000 infected machines worldwide. This is a very strong botnet, but hardly a challenger to Storm. Even though Storm has waned to around 85,000 bots, it still holds far more spamming capacity.

      Most AV vendors currently detect the Ozdok botnet
      http://www.virustotal.com/analisis/f24030f569a4777775a88c32ced84fe4