October spam levels plummet
Early October saw a significant drop in spam, which may have been caused by the closure of a spam affiliate named Spamit.


Spam levels significantly dropped at the start of this month, although volumes appeared to be creeping back up again this week.
Symantec attributed the fall, in particular the notable drop on 3 October, to dips in major botnet output.
On that day, spam output from both the Cutwail and Rustock botnets went down sharply, as did spam emanating from "unknown/other" sources.
"We think that fewer bots were sending spam for both Rustock and Cutwail on that day, causing the decrease in output," said Dan Bleaken, senior malware data analyst at Symantec Hosted Services, on a company blog.
"This would happen if bots were reassigned to some other task, the bots were lost, or if demand from spammers simply wasn't there."
Bleaken suggested the closure of a spam affiliate named Spamit, a "mainstay of the so-called Canadian Pharmacy' business," could have been the cause of the fall.
"Approximately two-thirds of all spam is related to pharmaceutical products, and a great deal of that is related to Canadian Pharmacy websites and related brands, which sell a variety of pills/drugs for anything from male enhancement, to weight loss, to stress relief," he explained.
Get the ITPro daily newsletter
Sign up today and you will receive a free copy of our Future Focus 2025 report - the leading guidance on AI, cybersecurity and other IT challenges as per 700+ senior executives
"It's an enormous money making machine in the shadow economy, and spammers line up to work with affiliate schemes such as Spamit, distributing enormous volumes of rapidly changing spam and taking commission for their efforts."
If Rustock, a botnet which puts out a significant portion of pharmaceutical spam, was heavily reliant on Spamit, then this could have caused the drop earlier this month, Bleaken said.
Cutwail, which covers more bases in terms of spam types, including pharma spam, could also have been hit but to a lesser extent than botnet giant Rustock.
"Many Cutwail spammers would have happily carried on with business as usual," Bleaken added.
Tom Brewster is currently an associate editor at Forbes and an award-winning journalist who covers cyber security, surveillance, and privacy. Starting his career at ITPro as a staff writer and working up to a senior staff writer role, Tom has been covering the tech industry for more than ten years and is considered one of the leading journalists in his specialism.
He is a proud alum of the University of Sheffield where he secured an undergraduate degree in English Literature before undertaking a certification from General Assembly in web development.
-
CISA issues warning in wake of Oracle cloud credentials leak
News The security agency has published guidance for enterprises at risk
By Ross Kelly
-
Reports: White House mulling DeepSeek ban amid investigation
News Nvidia is caught up in US-China AI battle, but Huang still visits DeepSeek in Beijing
By Nicole Kobie
-
Seized database helps Europol snare botnet customers in ‘Operation Endgame’ follow-up sting
News Europol has detained several people believed to be involved in a botnet operation as part of a follow-up to a major takedown last year.
By Emma Woollacott
-
Horabot campaign targeted businesses for more than two years before finally being discovered
News The newly-discovered Horabot botnet has attacked companies in the accounting, investment, and construction sectors in particular
By Ross Kelly
-
Brand-new Emotet campaign socially engineers its way from detection
News This latest resurgence follows a three-month hiatus and tricks users into re-enabling dangerous VBA macros
By Ross Kelly
-
Microsoft says “it’s just too difficult” to effectively disrupt ransomware
News The company details its new approach to combatting cyber crime as the underground industry drains $6 trillion from the global economy
By Connor Jones
-
Beating the bad bots: Six ways to identify and block spam traffic
In-depth Not all traffic is good. Learn how to prevent bad bots from overrunning your website
By Sead Fadilpašić
-
Ukraine's vigilante IT army now has a DDoS bot to automate attacks against Russia
News The 270,000-strong IT Army of Ukraine will now combine supporters' cloud infrastructure to strengthen the daily attacks against their invaders
By Connor Jones
-
Microsoft's secure VBA macro rules already being bypassed by hackers
News Recent analysis of Emotet activity has revealed a shift away from malicious Office documents to drop malware
By Connor Jones
-
Emotet infrastructure has almost doubled since resurgence was confirmed
News Researchers confirm the infrastructure has also been upgraded for a "better secured", more resilient operation
By Connor Jones