Prevalence of Botnets and Their Zombies Encourages Spam

By: Tim Cronin

Dark Reading published an article titled “Booming Underground Economy Makes Spam A Hot Commodity, Expert Says” about how easy it is to use botnets for spam and how this makes spamming profitable. One of the more startling statistics is that “For about $10, [a spammer] can send a million emails”. Even if only 2 people order a product that the spammer is selling for $10, that’s a 100% profit over the cost of using the botnet. Assuming the actual production of the product is cheap enough, that’s a good margin.

How are botnets so inexpensive, though? And why are there so many available? If you look at Commtouch’s Malware Outbreak Center, you will notice that the vast majority of detected malware seems to be botnet downloaders. Gone are the times when malware consisted of cute “look what I can do” code; we are now in the time of real revenue-generating malware. All a botnet “commander” needs to do is create the code, send it out and let it propagate through the Internet. Eventually, there will be enough zombie hosts to really make money.

The strategies in use now should provide a good-enough deterrent to spammers, but there are simply not enough people using current protections. So long as host-based malware detection and network-based protections such as IDS/IPS, malware scanning and firewalling are in use, the number of zombies on the Internet will be reduced enough that spamming will not be profitable. Then we can look at our inboxes with confidence. We haven’t reached that point yet, because there simply aren’t enough people using adequate controls on network traffic. According to Commtouch again, zombies are not as common in the Western world as in developing nations. Unfortunately for the Western world, we feel the effects of others’ lack of controls.

Judging from all of this information, all the world needs to do in order to stop spam is make sure we are using currently available controls for our networks.  This will make spamming unprofitable and make spammers use their tricks for other means.  Until that day, the back-and-forth between spam and anti-spam will continue.


