Security researchers have dealt a mighty blow to a spam botnet known as Pushdo, a massive grouping of hacked PCs that until recently was responsible for sending more than 10 percent of all junk e-mail worldwide.
According to security firm M86 Security Labs, junk e-mail being relayed by Pushdo (a.k.a. Cutwail) tapered off from a torrent to a dribble over the past few days. M86 credits researchers at LastLine Inc., a security firm made up of professors and graduate students from University of California, Santa Barbara, the Vienna University of Technology (Austria), Eurecom (France), and Ruhr-University Bochum (Germany).
LastLine’s Thorsten Holz said his group identified 30 Internet servers used to control the Pushdo/Cutwail infrastructure, located at eight different hosting providers around the globe. Holz said Lastline contacted all hosting providers and worked with them to take down the machines, which led to the takedown of nearly 20 of those control servers.
“Unfortunately, not all providers were responsive and thus several command & control servers are still online at this point,” Holz wrote on the company’s blog. “Nevertheless, this effort had an impact on Pushdo/Cutwail, which you can also see in new Anubis reports generated today by re-running the analysis: Many connection attempts fail and infected machines can not receive commands anymore.”