Rustock Botnet Returns, Levels of TLS Encrypted Spam Surge

About Save the Mail

We're a team of email protection enthusiasts dedicated to making email better, safer and easier to use.

Here, we cover all things email related.

Topic Tags

Spam Attacks Cybersecurity Social Networking Scareware Phishing Attacks Email Insanity Going Green YouTube Challenge Response Save the Mail! Spoofing

Send us Feedback, Win a T-shirt!

Rustock Botnet Returns, Levels of TLS Encrypted Spam Surge

Written by Save the Mail!

Tuesday, 30 March 2010 00:44

The Rustock botnet, one of the bots that was “squashed” in the McColo shut down in early ’09 is back and spewing unprecedented levels of TLS encrypted spam. According to a Symantec intelligence report TLS encrypted spam comprised 30% of all spam email during the week of March 15^th, and 70% of all spam mail sent by Rustock botnets.

The problem: TLS encrypted mail requires more processing power & storage space than non-TLS traffic.

The result: a greater degree of strain on your mail server.

Why spammers are doing it: It’s another way to evade law enforcement, TLS makes interception and subsequent infiltration of a botnet more difficult.

How to protect yourself:

1. Make sure your anti-spam system is not configured to automatically accept TLS encrypted messages (although most don’t, some have in the past)

2. Make sure you have a system in place to offload unnecessary mail traffic from your mail server (e.g. an email protection appliance that sits in front of your mail server or a hosted email protection solutions that processes the bulk of messages in the cloud).

Last Updated on Wednesday, 07 April 2010 19:04

About Save the Mail

Recent Posts

Topic Tags

Send us Feedback, Win a T-shirt!

0 Comments

Add Comment