Where has all the spam gone?
If you hate the amount of unsolicited email that winds up in your inbox, you are gonna love the strides that researchers are taking to fight the dreaded botnets that exist solely to cause you pain and suffering any time you access your mail.
Some researchers are not taking this sitting down and have taken the fight to the cyber-crooks in an attempt to slow the spread of malicious software throughout the Web.
Kelly Jackson Higgins @ DarkReading puts together a great read on what is working and what is not in this fight:
For the most part researchers monitor and study botnets with honeypots and other more passive methods. Then security vendors come up with malware signatures to help their customers scan for these threats. But some researchers are turning up the heat on the bad guys’ botnet infrastructures by taking the lead in killing some botnets: Aside from last weekend’s takedown by Neustar of Lethic, which is responsible for about 10 percent of all spam, FireEye last November helped shut down the MegaD botnet. And researchers at the University of California at Santa Barbara in May revealed they had taken the offensive strategy one step further by infiltrating the Torpig botnet, a bold and controversial move that stirred debate about just how far researchers should go to disrupt a botnet.
Back in 2008 after two major ISPs halted traffic to malicious hosting provider McColo, spam worldwide dropped around 70 percent because McColo had been the main home to most botnet command and control (C&C) servers.
Arbor Networks fills us in on the Lethic Spambot:
There’s another spambot afoot, and one of its activities is to spam pharmacy and pill spam. We found it via the malcode in our zoo and the C&C traffic that we hadn’t characterized previously. AV coverage of the samples is modest. The botnet appears to be spamming the usual unwanted junk, and appears to be a medium-sized botnet.
Give these guys and girls a hand for wading into this spam-infested cesspool and doing the heavy work so we don’t have to.
Cheers!


