Security Bytes

May 13 2008   8:53AM GMT

Srizbi botnet is the biggest, but does size matter?

Robert Westervelt Robert Westervelt Profile: Robert Westervelt

Tags:

Security vendor Marshal says the Srizbi botnet has grown to be the worlds largest spam botnet, outpacing the Storm Trojan in sending unwanted email and compromising computers. Srizbi now accounts for half of all spam. In comparison, Storm accounted for 20% of all spam at its peak.

In figures released by Marshal’s research team, Srizbi compromised more than 300,000 machines and sends more than 60 billion spam messages per day, according to Marshal. The botnet is also spreading malware, using social engineering tactics to get computer users to click on a malicious link in the spam email.

Marshal points to efforts to combat the Storm botnet as the reason for its decline. Microsoft’s Malicious Software Removal Tool has been successful in slowing Storm.

What is clear now is that no botnet has a firm footing as the number one player on the block. Marshal said the Storm botnet was outpaced in January by the Mega-D botnet, otherwise known as Ozdok. Srizbi came grew strong enough to be recognized in February.

Other researchers, Damballa for example, are tracking far more malicious botnets. Kraken has been spreading dangerous malware and is more sophisticated, allowing its maker to evade detection by simply moving its command and control function to another domain in a hard-coded list.

Damballa saw more than 400,000 unique infected IP addresses on one day in March, with the number continuing to trend upward from about 300,000 in early March.

Which botnet is the biggest? It depends on what month and which security research team you talk to. I’m not sure it really matters.

 Comment on this Post

 
There was an error processing your information. Please try again later.
Thanks. We'll let you know when a new response is added.
Send me notifications when other members comment.

Forgot Password

No problem! Submit your e-mail address below. We'll send you an e-mail containing your password.

Your password has been sent to:

Share this item with your network: