The Lethic Botnet (initially discovered around 2008) is a botnet consisting of an estimated 210 000 - 310 000 individual machines [1] which are mainly involved in pharmaceutical and replica spam.
The botnet was most prevalent in Europe, India and Southeast Asia.[2]
Dismantling and revival
editAround early January 2010 the botnet was dismantled by Neustar employees, who contacted various Lethic internet service providers in a bid to take control of the botnet's command and control servers.[3][4][5][6] This move temporarily caused the botnets' spam to decrease to a trickle of its original volume.[7]
In February 2010 the owners of the botnet managed to re-establish control over the botnet, through the use of new command and control servers located in the United States. The takedown has decreased the spam volume of the botnet, however. As of February 2010 the botnets' amount of spam was down to a third of its original. As of April 2010 the botnet has an estimated 1.5% share of the spam market, sending about 2 billion spam messages a day.
See also
editReferences
edit- ^ "Symantec.cloud | Email Security, Web Security, Endpoint Protection, Archiving, Continuity, Instant Messaging Security" (PDF). Messagelabs.com. 2010-04-04. Retrieved 2014-01-09.
- ^ "Lethic botnet". Semantic Scholar.
- ^ Leyden, John (2010-02-17). "Undead botnets blamed for big rise in email malware; Grave concern over reanimated cyber-corpses". theregister.co.uk. London, UK: The Register. Retrieved 2014-01-09.
- ^ Leyden, John (2010-01-13). "Lethic botnet knocked out by security researchers; Zombie network taken down". theregister.co.uk. London, UK: The Register. Retrieved 2014-01-09.
- ^ "More Researchers Going On The Offensive To Kill Botnets". DarkReading. 11 January 2010. Retrieved 2010-08-28.
- ^ "Spammers survive botnet shutdowns". BBC News. 2010-03-18. Retrieved 2010-08-28.
- ^ "Lethic botnet - The Takedown". M86 Security. Retrieved 2010-08-28.
External links
edit