Sep 8, 2010 19:50 GMT

According to a report from Symantec's MessageLabs arm, Rustock remains the largest spam-sending botnet and has doubled its output after it stopped using TLS to encrypt email traffic.

These days spam traffic is pretty much exclusively generated by botnets; as much as 95% at the moment, according to the latest MessageLabs Intelligence report (PDF).

This is 11% more than it was at the end of the first quarter, and Rustock is apparently responsible for this significant increase.

"Rustock remained the most dominant spam-sending botnet responsible for the majority of botnet spam, 41 percent in August up from 32 percent in April, but shrinking in the number of bots under its control from 2.5 million in April to 1.3 million in August," Paul Wood, a MessageLabs Intelligence senior analyst, notes.

The main reason for the spike in Rustock-generated spam is the decision of the botnet's runners to stop encrypting rogue email traffic with TLS (Transport Layer Security). This allowed each infected computer to double its output from 96 spam emails per minute to 192.

"Recent analysis of TLS encrypted spam reveals that the trend has almost completely vanished. At its peak, in March, this tactic accounted for as much as 30% of spam from all sources and as much as 70% of the spam from the Rustock botnet," the researchers say in their report.

Rustock is one of the oldest and most successful spam botnets around. Most of the computers infected with this malware are hosted in the US, but their number has doubled during the past quarter.

As far as spam sources are concerned, the most notable change was registered by the UK, where spam traffic has more than doubled compared to the first quarter.

This pushed the European country from fourteenth to fourth place in the ranking. Meanwhile, the United States (10.7%), India (6.8%) and Brazil (5.4%) remain the primary origins of junk email.