back to article Security firm chokes sprawling spam botnet

A botnet that was once responsible for an estimated third of the world's spam has been knocked out of commission thanks to researchers from security firm FireEye. After carefully analyzing the machinations of the massive botnet, alternately known as Mega-D and Ozdok, the FireEye employees last week launched a coordinated blitz …


This topic is closed for new posts.
  1. michael W


    Isn't the only reason we don't normally see this happen is because it's against the law in most countries?

    Even though it's meant in good nature they are still accessing machines without consent

  2. David 45


    A bit of good news for a change! More power to their collective elbows, I say. Spammers and botnet operators should be locked up and the key thrown away. Scum of the earth.

  3. The Fuzzy Wotnot

    Nice start...

    All well and good but this is not the problem is it?

    1) Re-educating morons who send off $19.99 on a packet of paracetamol, disguised as "enlargement" pills, when they might as well simply go outside and set fire to their wallets.

    2) The idiots who follow the links in any email to get either more spam, loads of adverts or at worst, malware and viruses.

    We take these morons outside and beat some sense into them, then we will see spam vanish overnight!

  4. Richard Jones 1

    Clearing up Botnets While the closure of this botnet is good news I am concerned that the ISPs lack the skills, staff or understanding that they would need to help their customers remove the problem from their PCs.

    Based on recent experience of their 'skills', my ISP (orange) probably could not turn the power on without someone to show them where the power plug went. If they are to help end users (with similar skill levels?) to clear up their PCs then we are in for a long haul.

  5. Anonymous Coward

    @ Botnet peoples



  6. Anonymous Coward
    Anonymous Coward

    where are they from?

    It would be interesting to see where most of the bots are from, USA? South-east Asia?

  7. Carter Cole

    not good programing

    like they said if its not implemented properly anything can fall. as far as the first comment on it being illegal to modify computers i think they modified the C&C servers not the bot PCs (like BBC did) so it would be hard pressed to find the owner of the computer

  8. Anonymous Coward

    Ignorance not stupidity

    "We take these morons outside and beat some sense into them, then we will see spam vanish overnight!"

    I get annoyed at superior types looking down on those who don't know as much as they do.

    Yes we're all security professionals so know lots and lots about how to keep our systems clean. Many people are sold these things as "great new tools to explore the exciting world of the Interwebs!", with no information on the dark side of it all.

    Really the fail lies in those who sell systems that have security failings, and/or do not warn about the security requirements to keeping them safe and secured.

    Ignorance is simply not having learned something, stupidity is not wishing or caring to learn, or acting on that knowledge.

  9. Anonymous Coward
    Anonymous Coward

    @The Fuzzy Wotnot

    A good start would the US of A recognising that spam is not just another legitamate form of advertising.

    I recently got some unsolicted email from a US firm and when i called them up and took them to task on it, they were both arrogant and far from sorry.

    Really USA wake up. Its not all good old fashioned capitalism, sometime companies should take some social responsibility!! Then at least we could tell the spam from the 'marketing'.

  10. Steve Evans

    Isn't it nice...

    Our govt are trying to legally push to have our ISPs monitor our every move when they really should be encourage them to actively contact and help disinfect people on their network who are spewing spam.

  11. Anonymous Coward


    Now I'll have to rely on the Royal Mail to deliver my spam. It'll cost a fortune and they're on strike a lot.....

    Would have got away with it too, if it wasn't for those pesky....

  12. The BigYin


    Not needed. People will not listen. The owners of the drones should be made to foot the bill for this operation.

    Ignorance is no defence, with anything else you are still liable if you are ignorant (negligent) and held liable. Why should computers be any different?

  13. Ed 17

    Nice work FireEye

    I'd buy you folks a beer if I could. I can't wait to see the retaliatory strike from the botnet's creators.

  14. Anonymous Coward

    Ignorance is no Defence ?

    "Ignorance is no defence, with anything else you are still liable if you are ignorant (negligent) and held liable. Why should computers be any different?"

    So the drones computer has been illegally accessed making them the victim and you propose to fine them ?, interesting idea.

    Not defending people too stupid to get firewalls and AV but as a computer professional your not invulnerable to Zero day infections are you ?.

    Even a live boot cd os is not invulnerable to infection, it just gets reset to uninfected every time you reboot and thats about as secure as it gets with the right distro whilst retaining usable (barely functionality)

  15. Anonymous Coward
    Black Helicopters

    Brick & Mortar Defenses

    Yury will be throwing bricks, and Ivan will be manning the mortar.

    These botnets aren't being operated by PFYs anymore...

  16. The Original Steve

    @Ignorance not stupidity

    What are you talking about?

    Have you worked in an IT Department? Seen home users when a UAC prompt or a "only download this file if you trust it's source" dialogue box appears?

    Questions appear on users screens, asking them simple questions like "only download this application if you trust it"... 99.9% click "continue". They don't care about the concequences, just as long as they get their free emotions or toolbar.

    Users don't read. That's the only explaination I can think of. An out of the box Linux, Mac or even Windows (XP SP2 and up) are secure out of the box. Users don't think they need AV, nor do they apply updates as it takes time.

    Currently there's no concequence for computer owners who are throwing out gigabytes of spam a month. This needs to stop.

  17. Daniel B.
    Thumb Up


    The term "0wned" totally applies to this one!

    I do wonder how nobody had thought of this one before. Having the botnet executable in your hands means that you can find out any possible C&C server, as the bonet "client" has to find one to properly function.

    In fact, I'm thinking about setting up a VM and try to get "botted", just for the kicks. No real harm would be done, as my ISP blocks port 25; the botnet won't be able to send any crap.

  18. Mike Powers

    Terrorism by another name?

    So a small group of non-state actors conducted a coordinated global strike against a massive, seemingly-powerful organization? If they did it to the US DoD we'd call it "terrorism".

    Although it does bring up one of my long-held opinions, which is that setting up "military cyber-ops" is kind of pointless. DDoS attacks are something that sysops have to handle as part of their job, whether the packets are coming from North Dakota or North Korea.

    @The Original Steve: Oh, so now it's "default common knowledge" that you have to install two or three different AV packages from multiple vendors? "Default common knowledge" that you can get viruses just by going to a website, not even clicking on anything or downloading any files? You're right that there needs to be more punishment, but I think that you're aiming your guns in the wrong direction. Isn't "she was asking for it by dressing like that" one of the oldest false-guilt cliches in existence?

  19. Anonymous Coward
    Black Helicopters

    @Jeremy 3

    So, you got spammed by ONE company in the US and blame the country as a whole for the spam problem? Please. Companies that buy 'opt-in mail blasts' are a vanishingly small percentage of the problem.

    A lot of the people profiting from spam in the end are in the US, but there are also a lot of PEOPLE in the US, and we, like Europe, are wealthy and have good infrastructure - it's not exactly surprising.

    Finding a way to take down bulletproof hosts in China would be a massive plus - trying to filter out five hundred million emails when they all point at a single colo'd server somewhere seems somewhat wrong-headed, like trying to kill a tree by checking every leaf in the forest and cutting off the ones attached to it. Seems it would be far more effective to chop it down, despite the increased difficulty of doing so.

    Then again, I suppose that's the last thing that anti-spam and AV vendors want to have happen, isn't it? Aaaand, cue the black helicopters...

  20. Andus McCoatover
    Thumb Up

    Pirating the pirates? Nice job!

    Now, why can't someone do similar to that off the coast of Somalia, and capture a few mother-ships and skiffs. THEN, ransom them off back to the pirates. Doesn't need to be a government, just a rich bloke with a dozen big boats, some serious weaponry, enough unemployed squaddies (Blackwater springs to mind), and become more rich.

    After all, it's in International waters. What jurisdiction?? U.S.who?

    C'mon, Bill Gates, this is your calling!

  21. Tim Schomer
    Paris Hilton

    1. Well Done

    2. Part of the problem is the clueless users who will click on anything, and click on everything else when it doesn't respond immediately. Everyone buying or using a computer for the first time should be given an honest lesson on it's capabilityes and expectations by an independant agency. Then we might get somewhere.

    3. Shoot companies who sell users software such as N****n Internet Security etc.... as a part of the package BUT DON'T PRE-INSTALL IT! (I hate it, but it could save some people) - If it's bundled, people think it's already there and they don't have to think about it, then said companies charge a small fortune for 'disinfecting' said machine (and more often as not charge them AGAIN for the software that was bundled)


    Sorry, had to get that off my chest...

    Paris 'cos, well, chest, Hur Hur - Sorry, got carried away there.

  22. Mike Flugennock

    @Mike Powers 10th November 2009 17:50 GMT

    D'ahhh, "terrorism", my ass.

    Where I come from, we call that "payback", and it's a _bitch_.

    Epic WIN! Congrats, you guys!

  23. Joe Zeff

    @Jeremy 3 again

    Complaining to the company sending the spam was good, but not good enough. You should have told them that not only don't you ever buy anything that's spamvertized, you never patronize companies who spam you, no matter what the product. You should have told them in no uncertain terms that not only didn't they gain a customer by spamming you, they lost one. Make them understand that spamming has consequences, and ones they don't like. Maybe your telling them won't make them stop, but if enough of us do it, and stick to our guns, companies like that will start forcing themselves out of business.

    Think of it as evolution in action...

  24. -tim
    Gates Horns

    Place the blame where it belongs

    Its time more people start suing Microsoft for failure to recall their product. Innocent 3rd parties can win in court and Microsoft does settle.

  25. This post has been deleted by its author

  26. kwikbreaks

    Snail mail spam

    @ Anonymous Coward Posted Tuesday 10th November 2009 16:15 GMT

    Royal Mail already deliver spam to me at no cost. Frequently when expecting something important it fails to turn up but barely a day does by without junk mail arriving.

    If only somebody could produce a device to filter junk mail directly to the recycling bin they'd be on a winner.

  27. BlackMage

    @Ignorance not stupidity

    By your own definition:

    "Ignorance is simply not having learned something, stupidity is not wishing or caring to learn, or acting on that knowledge."

    most computer users are indeed stupid. The vast majority of users do NOT care as long as they can surf the web, read their email and download cutesy screensavers and wotnot. They have no more interest in how their computer works or how it affects other people than they do in the functioning of a rotary Wankel engine. Learning might involve a bit of effort and that might tax their brain cell a bit too much or take up mindspace that they'd rather devote to football/Eastenders/X-factor.

This topic is closed for new posts.