Posts Tagged ‘malware’

Free silent business audit and forensic analysis

July 28, 2009

Last week we announced an exciting new offer for all businesses in the US – a free silent business audit with forensic analysis. This service will help network administrators understand how well their current security products are working, improving network security and employee productivity.

The silent business audit and forensic analysis will accomplish this by sitting behind an organization’s normal firewall and monitoring spam, malware and Internet usage trends to determine what is getting by the firewall and spam filters. At the end of the 14-day audit period Astaro will provide the organization with a report detailing what malware passed through the firewall. As an added bonus, the appliance will also block the transfer of any malware and spyware that makes it past the normal web filter to avoid the spread of infections.
To register for a silent business audit and forensic analysis click here.


Prevalence of Botnets and Their Zombies Encourages Spam

July 27, 2009

By: Tim Cronin

Dark Reading published an article titled “Booming Underground Economy Makes Spam A Hot Commodity, Expert Says” regarding the ease of using botnets for spam activity and how this makes spamming profitable.  Some of the more startling statistics show that “For about $10, [a spammer] can send a million emails”.  Even if 2 people order a product that they are selling for $10, that’s a 100% profit over the cost of the use of the botnet.  Assuming the actual production of the product is cheap enough, that’s a good margin.

How are botnets so inexpensive, though? And why are there so many available? If you look at Commtouch’s Malware Outbreak Center you will notice that the vast majority of detected malware seems to be botnet downloaders. Gone are the times when malware consisted of cute “look what I can do” code; we are now in the time of real revenue-generating malware. All a botnet “commander” needs to do is create the code, send it out and let it propagate through the Internet. Eventually, there will be enough zombie hosts to really make money.

The strategies in use now should provide a good-enough deterrent to spammers, but there are simply not enough people using current protections. So long as host-based malware detection and network-based protections such as IDS/IPS, malware scanning and firewalling are in use, the number of zombies on the Internet will be reduced enough that spamming will not be profitable. Then we can look at our inboxes with confidence. We haven’t reached that point yet, because there simply aren’t enough people using adequate controls on network traffic. According to Commtouch again, zombies are not as common in the Western world as in developing nations. Unfortunately for the Western world, we feel the effects of others’ lack of controls.

Judging from all of this information, all the world needs to do in order to stop spam is make sure we are using currently available controls for our networks.  This will make spamming unprofitable and make spammers use their tricks for other means.  Until that day, the back-and-forth between spam and anti-spam will continue.