Cutwail botnet generated 1.7 trillion spam messages

The researchers from universities in Bochum, Germany, and Santa Barbara in California, working closely with The Last Line of Defence, an IT security firm, say they were able to make this assertion after gaining access to the botnet's command-and-control (C&C) servers.

According to Kaspersky Labs' Threatpost newswire, the analysis shows how "amazingly resilient" and prolific the botnet has been - and profitable, generating as much as $4 million in profits for its owners.

"As a result of the researchers' work, the C&C servers they had access to were taken offline, as were several other associated C&Cs, and spam volumes from Cutwail have dropped", says the newswire.

"The takedown also partially disrupted the Bredolab botnet, which relied on Cutwail for some of its malware infections, they said", the newswire adds.

Threatpost goes on to quote Brett Stone-Gross, a PhD student with the University of California Santa Barbara, as saying that he was interested in getting at the ground-level truth about spam.

Stone-Gross and his colleagues have authored a paper on the Cutwail botnet entitled "The Underground Economy of Spam: A Botmaster's Perspective of Coordinating Large-Scale Spam Campaigns."

What's interesting about the paper, Infosecurity notes, is that it says that Cutwail is actually an amalgam of several smaller botnets, with Cutwail driving the initial infection of the users' PCs and then extra add-ons allowing the smaller botnet to take over.
