DDoS attacks fall as crackers turn to spam

By John Leyden → More by this author

2 May 2007 14:20

Baron Samedi and chums redeploy zombie armies

Denial of service attacks are falling out of favour with black hat hackers because using compromised machines to send spam is a more lucrative - and less risky - way of making money illicitly.

Networks of compromised PCs can be used for purposes including relaying junk mail or flooding targeted websites with spurious traffic.

Symantec reckons the noticeable fall in denial of service attacks it witnessed in the second half of 2006 is down to the growing difficulty in launching such attacks, and getting victims to pay up even if these assaults are successful. Stealthier misuse of compromised PCs - such as sending spam - poses far less risk, the security firm argues.

Symantec recorded an average of 5,213 denial of service (DoS) attacks per day in the second half of 2006, down from 6,110 in the first half of last year. The US was the target of most DoS attacks accounting for 52 per cent of the worldwide total.

"DoS attacks are loud and risky. Whenever a bot-network owner carries out a denial of service attack they run the risk of losing some of their bots. This could happen either because an attacking computer is identified and disinfected, or if it is simply blocked by its ISP from accessing the network," Symantec researcher Yazan Gable notes in a posting to Symantec's Security Response Weblog.

Gable adds that the "up-front" costs in setting up a botnet before any hope of payment, as well as the possible loss of an entire bot network if a command and control server is identified, also act as a deterrent.

"It is likely that bot network owners are now moving away from DoS extortion and towards more lucrative ventures like spam. Not surprisingly, we saw a noted increase in spam volumes in the last six months of 2006," he added. ®

7 comments posted — Comment period finished

Track this type of story as a custom Atom/RSS feed or by email.

Consumer revenge site returns after DDoS attack (29 October 2007)
Zombies flood broadband networks (18 September 2007)
Internet ramraiders rear-end domain parking service (24 August 2007)
A glitch in the Matrix, or a hungry exploit? (30 June 2007)
FBI logs its millionth zombie address (13 June 2007)
Cloudmark takes anti-spam to the edge (1 June 2007)
Peer-to-peer networks co-opted for DOS attacks (30 May 2007)
Internet users unfazed by spam: study (25 May 2007)
Student detained following attacks on Estonian websites (7 May 2007)
Zombies infiltrate US military networks (16 April 2007)
China displaces Britain as botnet epicentre (19 March 2007)
Man pleads guilty to spreading Trojan via IRC (22 February 2007)
Imperfect Storm aids spammers (19 February 2007)
Dutch botnet herder fined €75K for sending 9bn spams (2 February 2007)
Botnet 'pandemic' threatens to strangle the net (26 January 2007)
US tops spam relaying and malware leagues of shame (22 January 2007)
Bot software looks to improve peerage (4 May 2006)
Zombie PCs menace mankind (7 March 2006)

Top 20 stories All The Week’s Headlines

Whitepapers
What Every E-Business Should Know about SSL Security and Consumer Trust Mobile Security The Need for Vulnerability Management Life online: Mouse rage!