Mega-D Botnet overtakes Storm Botnet

By mgklous at 2:49 pm on February 2, 2008

A new botnet, called Mega-D, is currently responsible for an estimated 32% of all spam, compared to the Storm botnet’s peak estimate of 21% in September 2007.

The Mega-D botnet runs on a distributed peer-to-peer network, and the virus disables itself if it is run in a virtual environment. The virus spreads via malicious e-mails, which trick victims into visiting fake websites and downloading the trojan.

E-mails are made to mimic invites to social networking sites such as Facebook, and will ask users to update their Flash player, when in fact they are downloading the virus.  Other malicious e-mails used subjects mentioning the recent death of Heath Ledger to trick users into reading the e-mail and visiting a malicious web page.

Mega-D is used to advertise male enhancement pharmaceutical products, and is gaining momentum in Asia and North America, where broadband availability is high.

The Storm botnet’s activity has been declining, in large part due to Microsoft’s malicious software removal campaign. Storm had received a lot of publicity, whereas there is little media coverage of Mega-D.

Security experts at Marshal (www.marshal.com), a security company that monitors spam and botnet trends, found that Mega-D is the current juggernaut of e-mail spam.  Marshal also reports that 70% of all spam is delivered from five botnets: Mega-D, Pushdo, HTML, One Word Sub, and Storm.

While the Storm botnet is the most infamous, it is estimated that Storm currently contributes around 2% of spam, meaning the other botnets now need more attention.

http://www.securecomputing.net.au/news/69328,megad-botnet-stronger-than-storm-promotes-male-sexual-pills.aspx

http://www.zdnet.com.au/news/security/soa/Mega-D-sticks-it-to-Storm-in-spam-contest/0,130061744,339285587,00.htm

http://en.wikipedia.org/wiki/Storm_botnet
