RSS feed of TRACElabs Blog from M86 Security

Srizbi maintains large spam botnet

 

April 18, 2008

Anyone glancing at our Spam by Spambot chart will not miss the huge proportion of spam sent by the Srizbi botnet. Without question, it is currently the largest spamming botnet out there. In the last week, Srizbi was responsible for 45% of spam we received in our spam traps:

Recent analysis suggests the Srizbi botnet comprises about 315,000 active bots. The total spamming capacity of this botnet is enormous. We have observed individual Srizbi bots sending some 8000 emails per hour. You do the math.

Srizbi has only recently become so dominant. At the end of 2007, we noticed Srizbi spam levels at around 20% of all spam. However, during February and March 2008, spam from Srizbi exploded, coinciding with aggressive spam campaigns containing links to more copies of itself. These campaigns are continuing, as an example from today illustrates:

These attacks aren't complex. They rely on a little social engineering and a simple link pointing to an executable for the user to download. Despite the simplicity of this approach, the operators of Srizbi have succeeded in growing their botnet and spamming capability using just these techniques.


Last Reviewed: April 18, 2008