14 DAY TRIAL // Security vendors warn that Rustock, the largest spam botnet in the world, which has been inactive since Christmas, suddenly started spamming again in full force.
Rustock is a botnet that dates back several years. It had its ups and downs along the way, but it reached its peak last year after dropping TLS encryption and doubling its output.
According to data from messaging security vendor M86 Security, in August 2010, Rustock accounted for over 60% of the world's daily spam traffic.
This activity began to decline in September when Spamit, the largest rogue pharmacy affiliate program and one of Rustock's biggest clients, announced plans to close on October 1.
Then on around Christmas, the botnet baffled spam analysts when it suddenly went quiet, as far as spam output is concerned.
It was later determined that the botnet switched to a pay-per-click scheme, but it seems this was most likely an unsuccessful test, as Rustock has now returned to its former self.
"Since around 00:00 (UTC) on January 10, Rustock has resumed activity, and appears set to continue where it left off on December 25 as the biggest source of global spam," security researchers from Symantec, announce.
The botnet's output peaked at 28.2% of the world's spam traffic and drove the overall spam volume up. In fact, statistics show that spam volume nearly doubled compared to Sunday.
The new junk emails sent by Rustock stay true to its old habits and consists mostly of pharma spam with subjects of "Dear [name] -80% now."
Symantec researchers point out that Xarvester, a smaller spam botnet that went dead at around the same time as Rustock, also returned to the spam landscape.
"It is too early to say what effect this will have on global spam levels, or if this return is permanent, but at the moment it certainly seems as if the holiday is over and it's now back to business as usual," the spam experts say.