The volume of spam e-mail is down…way down. That’s the good news. But experts aren’t exactly sure what’s caused the precipitous drop in spam e-mail or how long it will last.
As Brian Krebs reports on his blog, mail security firm M86 is seeing a 40% decline in spam volume since the beginning of October, with a huge reduction in spam coming from machines that are part of the Rustock botnet. That single botnet has accounted for more than half of all spam in recent months, though Krebs suggests that M86 may be misclassifying traffic from other botnets, such as Pushdo, with Rustock. The folks over at McAfee have seen a drop in spam, too, but attribute it to reduced Pushdo traffic, not Rustock traffic. Pushdo was, itself, the target of a takedown in August, but remanants of that botnet have since resumed operation.
One plausible explanation for the drop: the decision by spam affiliate program spamit.com to close its doors on October 1 after increasing scrutiny from authorities in the West and Russia. However, given the lucrative nature of the spam business, nobody is expecting the drop off to be permanent. More likely: spammers are laying low until the heat over Spamit.com passes before they switch operations to another spam affiliate program.
Read the report on Krebsonsecurity.com.