RSS feed of TRACElabs Blog from M86 Security

Mega-D Spam Returns

 

February 25, 2008

After a brief holiday of 10 days, the Mega-D/Ozdok botnet has resumed spamming. Last week we reported that Mega-D spam had dried up after the botnet’s control servers were taken offline. It now appears that new control servers are up and running. Since Saturday, we have seen a steady stream of Mega-D spam arriving at our ThreatNet. So far the volume has been significant, about 15% of the spam arriving in our spam traps.

To date we have seen two types of spam.  One is pushing the usual assortment of pills through an online pharmacy:

 

 


The other is typical Mega-D: male enhancement spam linking through to none other than the usual ‘Express Herbals’ website.

 

 



Last Reviewed: February 25, 2008