Rustock Botnet Nuked!

[tunnelcat 1]

Remember a few years back when Avsim was unfortunately compromised and everyone started getting loads of email spam? Well, the Feds and Microsoft solved the problem for us. They brought down the Rustock Botnet and all, and I mean ALL the spam I was getting in that one particular email account (the one I'd been using for Avsim) disappeared and vanished completely THE NEXT DAY! I know the spam originated from the Avsim attack because I'd never gotten spam in that account before that incident. I am soooooo grateful. Anybody else notice a drop in their spam load?http://krebsonsecurity.com/2011/03/rustock-botnet-flatlined-spam-volumes-plummet/

[n4gix 4,961]

Remember a few years back when Avsim was unfortunately compromised and everyone started getting loads of email spam? Well, the Feds and Microsoft solved the problem for us.

Well, that was an interesting read. As a matter of fact, I have had zero "spam" since last Thursday...But, as the article states, it's only a matter of time before the next "bot" shows up. It's just too profitable for some folks to resist.

[Captain_Barfbag 31]

The article discusses domain names which "go live" when they are registered by someone. So, who is registering these domain names? That involves a nominal fee, so who is paying for them?It strikes me as typical of actions like this. Sure, they can knock the bots off a few servers, but why don't they go after the individuals involved? As it is, they'll be back in business in a few days. All they did was inconvenience a few ISPs, who can probably get away with the Sargeant Schultz "I know nothing, I know nothing," defense, even though they must have known something fishy was going on.Once again, it's Security Theater, just like TSA.

[Guest jahman]

The article discusses domain names which "go live" when they are registered by someone. So, who is registering these domain names? That involves a nominal fee, so who is paying for them?It strikes me as typical of actions like this. Sure, they can knock the bots off a few servers, but why don't they go after the individuals involved? As it is, they'll be back in business in a few days. All they did was inconvenience a few ISPs, who can probably get away with the Sargeant Schultz "I know nothing, I know nothing," defense, even though they must have known something fishy was going on.Once again, it's Security Theater, just like TSA.

Maybe if you learned something about how spammers spam you wouldn't make statements like these. Fighting spam is extraordinatily dofficult, for starters because spammers purposefully operate in certain, specific legal jurisdictions to remain beyond the reach of the law.As for getting spam, use an email address from one of the main free email providers and you just won't get any at all.Cheers,- jahman.

[Tom Allensworth 1,532]

The spam that occurred after May of 2009, resulted from the THEFT and let me say that again, THEFT, of our email database by Phil Dawson, of SIMFLY.EU fame. He's the guy that bombarded every AVSIM email account. He stole our database and then had the gall to admit it in our forum and then insulted everyone when he offered that they could "voluntarily" opt out (it didn't work - no one was allowed to "opt out"). We trusted him with tremendous access to our system, relying on him to fix some issues. Instead, he took us down and spammed our entire membership. Nice guy, huh?

[Captain_Barfbag 31]

Maybe if you learned something about how spammers spam you wouldn't make statements like these. Fighting spam is extraordinatily dofficult, for starters because spammers purposefully operate in certain, specific legal jurisdictions to remain beyond the reach of the law.As for getting spam, use an email address from one of the main free email providers and you just won't get any at all.Cheers,- jahman.

Yes, but your statement actually proves my point. Fighting spam is a lot of work. This action took many months and many man hours. It was very expensive, both for those doing the work and for the court system to approve the takedowns. Tens of thousands, perhaps hundreds of thousands of dollars invested. But, what did it gain? How long before the botnets are right back up again? Weeks? Days? Certainly less time than the action took to prepare and execute, and at a much lower cost. If they don't go after the disease, but instead only treat the symptoms, the good guys are never going to win.A more promising line of attack was a recent study which showed that over 90% of all spam monetary transactions - for fake Viagra and the like - go through only 3 banks. Since the activity is fraudulent, it is possible to shut down transactions involving these banks with US customers. (They're overseas and offshore.) Yes, the spammers can change contracts to deal with different banks, but the study also demonstrated that they could locate such banks in seconds as soon as they were brought on line, while it would probably take a spammer a week to set up a new bank to process his credit card charges. So, the advantage moves to the good guys. And, eventually even banks in Lithuania are going to tire of having their US business shut down.

[Raindance 25]

"..90% of all spam monetary transactions - for fake Viagra and the like - go through only 3 banks."Redistributing the wealth of fools...more like a social service than a major nuisance (if it wasn't for the spambots)